Exam objectives – EX423

The Red Hat® Certificate of Expertise in Directory Services and Authentication Exam (EX423) tests the ability of a Red Hat Certified Engineer (RHCE®) to implement directory services and authentication for enterprise environments.

This guide provides information that candidates may use in preparing to take the Red Hat Certificate of Expertise in Directory Services and Authentication Exam.

Red Hat is not responsible for the content or accuracy of other guides, books, online resources, or any other information provided by organizations or individuals other than Red Hat Global Learning Services. Red Hat reserves the right to change this guide when appropriate, and candidates who have enrolled in forthcoming classes or exams are advised to check this guide periodically for changes.

Performance-based exams

This exam is a performance-based evaluation of system administration skills and knowledge. Candidates perform a number of routine system administration tasks and are evaluated on whether they have met specific objective criteria.

Performance-based testing means that candidates must perform tasks similar to what they perform on the job.

Prospective employers of people with the Red Hat Certificate of Expertise in Directory Services and Authentication credential should verify any claims by people claiming to hold this credential by requesting their certificate number and verifying it with the Red Hat certification verification tool.

Authorized training partners

Only Red Hat and Red Hat-certified training partners offer this exam. Prospective candidates should exercise due diligence when purchasing a seat in an exam from a provider other than Red Hat itself. They should verify that the provider is, in fact, an authorized training partner in good standing. Please notify training@redhat.com about organizations that purport to offer Red Hat exams, but who are not Red Hat Certified Training Partners.

Official scores for this exam come exclusively from Red Hat Certification Central. Red Hat does not authorize examiners or training partners to report results to candidates directly. Scores on the exam are usually reported within 5 US business days.

Exam results are reported as section scores. Red Hat does not report performance on individual items, nor will it provide additional information upon request.

Preparation for the Red Hat Enterprise Deployment and Systems Management Expertise Exam

Red Hat encourages all candidates for the Red Hat Certificate of Expertise in Directory Services and Authentication Exam to consider taking the Red Hat Enterprise Directory Services and Authentication (RH423) training course. Attendance in this class is not required, so one can choose to take just the exam. Many successful candidates who have come to class already possessing substantial skills and knowledge have reported that the class made a positive difference for them.

While attending Red Hat classes can be an important part of one's preparation to take this exam, attending class does not guarantee success on the exam. Previous experience, practice, and native aptitude are also important determinants of success.

Many books and other resources on system administration for Red Hat's products are available. Red Hat does not officially endorse any as preparation guides for its exam. Nevertheless, you may find additional reading deepens understanding and can prove helpful.

Components of the exam

The Red Hat Certificate of Expertise in Directory Services and Authentication Exam is organized as follows:

  • Directory Service configuration and user authentication: 4 hours

In order to earn the Red Hat Directory Services and Authentication Certificate of Expertise, you must earn a score of 70 or higher.

Study points for the exam

Prerequisite skills for the exam

Candidates must be a current RHCE to take this exam.

Directory Service Configuration and User Authentication

Candidates should be able to perform the tasks listed below:

  • Install Red Hat Directory Server.

  • Configure the default lightweight directory access protocol (LDAP) suffix.

  • Configure the administrative user.

  • Configure a slave replica.

  • Configure Red Hat Directory Server for transport layer security (TLS) communication.

  • Request a certificate from a certificate authority (CA).

  • Install CA-signed server certificate.

  • Configure command-line tools.

  • Use TLS.

  • Use a default LDAP suffix.

  • Configure Red Hat Directory Server access through user access controls.

  • Authenticate to the Directory Server using kerberos.

  • Configure write referrals.

  • Migrate NIS users and groups into LDAP.

  • Create and modify entries of the inetOrgPerson object class.

  • Import user information from an LDIF file.

  • Export specific user information to an LDIF file.

  • Configure a system to authenticate using LDAP.

  • Configure a system to authenticate using Active Directory.

As with all Red Hat performance-based exams, configurations must persist after reboot without intervention.

Red Hat course covering these skills

Red Hat Enterprise Directory Services and Authentication (RH423)

The Red Hat Enterprise Directory Services and Authentication course is designed to train IT professionals with RHCE-level competency on skills required to manage and deploy the Red Hat Directory Server on and for Red Hat Enterprise Linux systems. Gaining an understanding of the basic concepts, configuration, and management of LDAP-based services is central to this course. We will also look at PAM, the Pluggable Authentication Modules system, and how it is integrated with services that require authentication and authorization.