Notes.docx

Full Transcript

**Notes**

**How to create and modify files :**

Working with files in a Unix-like operating system (such as Linux)
involves several basic commands. Here\'s a quick overview of how to
create, edit, modify, read, and echo into files.

1\. Using \`touch: This command creates an empty file.

touch filename.txt

2\. Using \`echo\`: This command can create a file and write a line of
text to it.

echo \"Hello, World!\" \> filename.txt

3\. Using \`cat\`: This command can be used to create a file and write
text to it.

cat \> filename.txt

**Editing Files**

1\. Using \`vi\` or \`vim\`: A more powerful text editor, though it has a
steeper learning curve.

vi filename.txt

**Modifying Files**

1\. Appending with \`echo\`: Use the \`\>\>\` operator to append text.

echo \"Additional text\" \>\> filename.txt

2\. \*\*Using \`cat\`\*\*: To append content of one file to another.

cat anotherfile.txt \>\> filename.txt

**Reading Files**

1\. Using \`cat\`: Display the content of the file.

cat filename.txt

2\. Using \`more\`: read the file content.

more filename.txt

3\. Using \`less\`: Similar to \`more\`

less filename.txt

4\. Using \`head\`: Display the first few lines of the file.

head filename.txt

5\. Using \`tail\`: Display the last few lines of the file.

tail filename.txt

**Making directories and removing them**

**Creating Directories**

1\. Using \`mkdir\`: Create a new directory.

mkdir directory\_name

2\. Creating nested directories: Use the \`-p\` option to create parent
directories as needed.

mkdir -p parent\_directory/child\_directory

**Deleting Directories**

1\. Using \`rmdir\`: Remove an empty directory.

rmdir directory\_name

2\. Using \`rm\`: Remove a directory and its contents recursively.

rm -r directory\_name

3\. Force remove: Use the \`-f\` option to force removal without
prompting.

rm -rf directory\_name

**Copying and moving files**

**Copying Files**

1\. Using \`cp\`: Copy a file.

cp source\_file destination\_file

2\. Copying multiple files: Copy multiple files to a directory.

cp file1 file2 file3 destination\_directory/

3\. Recursive copy: Use the \`-r\` option to copy directories and their
contents.

cp -r source\_directory destination\_directory

**Moving and Renaming Files**

**1**. Using \`mv\`: Move or rename a file.

mv source\_file destination\_directory/

**Rename:**

mv old\_filename new\_filename

**File and Directory permissions**

**-** \`-\`: The first character indicates the file type (e.g., \`-\`
for a regular file, \`d\` for a directory).

\- \`rwx\`: The next three characters indicate the owner\'s permissions.

\- \`r-x\`: The next three characters indicate the group\'s permissions.

\- \`r\--\`: The last three characters indicate others\' permissions.

**Permission Types**

\- \`r\` (read): Allows viewing the file or directory contents.

\- \`w\` (write): Allows modifying the file or directory contents.

\- \`x\` (execute): Allows executing the file (if it\'s a script or
program) or accessing the directory.

**Changing Permissions**

The \`chmod\` command is used to change file and directory permissions.
There are two methods to use \`chmod\`: symbolic and numeric.

**Symbolic Method**

**1. Add permission: Use \`+\`.**

chmod u+x filename \# Add execute permission for the owner

chmod g+w filename \# Add write permission for the group

chmod o+r filename \# Add read permission for others

**2. Remove permission: Use \`-\`.**

chmod u-x filename \# Remove execute permission for the owner

chmod g-w filename \# Remove write permission for the group

chmod o-r filename \# Remove read permission for others

**3. Set permission: Use \`=\`.**

chmod u=rwx filename \# Set read, write, and execute permissions for the
owner

chmod g=rx filename \# Set read and execute permissions for the group

chmod o=r filename \# Set read permission for others

**Numeric Method**

\- \`r\` = 4

\- \`w\` = 2

\- \`x\` = 1

Combine these values to set permissions. For example:

\- \`7\` (rwx) = 4 + 2 + 1

\- \`5\` (r-x) = 4 + 1

\- \`4\` (r\--) = 4

chmod 755 filenam

This command sets:

\- Owner: \`rwx\` (7)

\- Group: \`r-x\` (5)

\- Others: \`r-x\` (5)

**Umask**

specifies the permissions that should not be set when a file or
directory is created. The \`umask\` value is subtracted from the default
permissions to determine the actual permissions.

The default permissions for files and directories before applying
\`umask\` are:

\- **Files: \`666\` (read and write for everyone, no execute)**

**- Directories: \`777\` (read, write, and execute for everyone)**

**Viewing the Current \`umask'**

umask

**Calculating Permissions with \`umask\`**

The actual permissions for new files and directories are calculated by
subtracting the \`umask\` value from the default permissions.

For example, with a \`umask\` value of \`0022\`:

\- Default file permissions: \`666\`

\- Resulting file permissions: \`666 - 022 = 644\` (read and write for
the owner, read-only for group and others)

\- Default directory permissions: \`777\`

\- Resulting directory permissions: \`777 - 022 = 755\` (read, write,
and execute for the owner, read and execute for group and others)

**Setting \`umask\`**

To set a new \`umask\` value, use the \`umask\` command followed by the
desired value:

umask 027

This sets the \`umask\` value to \`027\`, which results in the following
default permissions:

\- Files: \`666 - 027 = 640\` (read and write for the owner, read-only
for the group, no permissions for others)

\- Directories: \`777 - 027 = 750\` (read, write, and execute for the
owner, read and execute for the group, no permissions for others)

**Manually add a user**

**Creating a User**

The \`useradd\` command is used to add a new user to the system.

sudo useradd

2\. Set a password for the new user:

sudo passwd john

3\. Add the user to additional groups (e.g., sudo):

sudo usermod -aG sudo john

**Removing a User**

If you need to remove a user, you can use the \`userdel\` command.

1\. Delete a user but keep their home directory:

sudo userdel username

2\. Delete a user and their home directory:

sudo userdel -r username

**Files that modify when a new user is added**

1\. \`/etc/passwd\`

This file contains basic information about all user accounts. Each line
represents a user and contains the following fields separated by colons
(\`:\`):

\- \`username\`: The username.

\- \`password\`: An \`x\` if the password is stored in \`/etc/shadow\`
(more secure).

\- \`UID\`: The user ID number.

\- \`GID\`: The primary group ID number.

\- \`GECOS\`: User\'s full name or other information.

\- \`home directory\`: The path to the user\'s home directory.

\- \`shell\`: The path to the user\'s default shell.

2\. \`/etc/shadow\`

This file stores secure user password information. It is readable only
by the root user.

3\. \`/etc/group\`

This file contains information about groups on the system.

**Tar Command**

\- \`-t\` (list): List the contents of a tar archive.

\- \`-r\` (append): Append files to the end of an archive.

\- \`-C\` (directory): Change to a directory before performing other
operations.

\- \`-z\` (gzip): Compress or decompress the archive using gzip.

\- \`-v\` (verbose): Show the progress in the terminal.

\- \`-c\` (create): Create a new tar archive.

\- \`-f\` (file): Specify the name of the tar archive file.

\- \`-x\` (extract): Extract files from a tar archive.

**1. Create a Tar Archive'**

To create a tar archive (\`archive.tar\`) from files in a directory:

tar -cvf archive.tar /path/to/directory

**2. Create a Gzipped Tar Archive**

To create a zipped tar archive (\`archive.tar.gz\`):

tar -cvzf archive.tar.gz /path/to/directory

**3. List Contents of a Tar Archive**

tar -tvf archive.tar

For a zipped tar archive:

tar -tvzf archive.tar.gz

**4. Extract a Tar Archive**

tar -xvf archive.tar

**5. Extract to a Specific Directory**

tar -xvf archive.tar -C /path/to/extract

6\. Append Files to a Tar Archive

tar -rvf archive.tar newfile.txt

**grep and egrep**

The \`grep\` and \`egrep\` commands are used to search text using
patterns. \`grep\` stands for \"global regular expression print,\" and
\`egrep\` is \"extended grep.\" The primary difference is that \`egrep\`
supports extended regular expressions.

**Common Flags**

1\. \`-i\`: Ignore case distinctions.

grep -i \"pattern\" file

2\. \`-r\` or \`-R\`: Recursively search directories.

grep -r \"pattern\" /path/to/dir

3\. \`-c\`: Count matching lines.

grep -c \"pattern\" file

4\. \`-n\`: Show line numbers with matches.

grep -n \"pattern\" file

5\. -A NUM\`: Show NUM lines of context after each match.

grep -A 3 \"pattern\" file

6\. \`-B NUM\`: Show NUM lines of context before each match.

grep -B 3 \"pattern\" file

7\. \`-C NUM\`: Show NUM lines of context around each match.

grep -C 3 \"pattern\" file

**Examples**

1\. Case-insensitive search:

grep -i \"hello\" myfile.txt

2\. Recursively search directories:

grep -r \"hello\" /path/to/dir

3\. Count matching lines:

grep -c \"hello\" myfile.txt

4\. Show line numbers:

grep -n \"hello\" myfile.txt

5\. Using \`egrep\` for extended regular expressions:

egrep \"hello\|world\" myfile.txt

**Hard links and Soft links**

\- Create a hard link: \`ln target\_file link\_name\`

\- Create a soft link: \`ln -s target\_file link\_name\`

\- Delete a link: \`rm link\_name\`

\- Verify a hard link: \`ls -li\`

\- Verify a soft link: \`ls -l\`

**Diffrences between hard link and soft link**

**Both are used to link files but they have several key differences in
how they function and how they interact with the filesystem.**

**Hard Links**

**1. Inode and Data Sharing:**

\- Hard links share the same inode number as the original file. They are
essentially additional directory entries for the same file.

\- All hard links to a file share the same physical data on the disk.

**2. File Deletion:**

\- Deleting a hard link only removes the directory entry. The file data
remains accessible as long as at least one hard link (or the original
file) exists.

\- The file data is deleted only when the last hard link is removed.

**3. Cross-Filesystem Links:**

\- Hard links cannot span different filesystems. They must be on the
same filesystem as the target file.

**4. Directories:**

\- Hard links to directories are generally not allowed to prevent
filesystem corruption and complexity in directory structures.

**5. Usage:**

\- Used when you need multiple names for the same file and want to
ensure that all names always point to the same data.

**Soft Links (Symbolic Links)**

**1. Inode and Data Sharing:**

\- Soft links have their own inode and are separate from the original
file. They contain a path that points to the target file or directory.

\- They do not share data blocks with the target file. Instead, they
just point to the location of the target file.

**2. File Deletion:**

\- Deleting a soft link removes only the link. The target file remains
unaffected.

\- If the target file is deleted, the soft link becomes a \"dangling\"
link, pointing to a non-existent file.

**3. Cross-Filesystem Links:**

\- Soft links can span across different filesystems and can point to
files or directories on different filesystems.

**4. Directories:**

\- Soft links can link to directories without any restrictions.

**5. Usage:**

\- Used when you need to link to files or directories across different
filesystems or when you want the link to be easily distinguishable from
the original file.

**Main log files**

the \`/var/log\` directory contains various log files that record
activities and events on the system. Three main log files commonly found
in this directory are:

1\. \`/var/log/syslog\` (or \`/var/log/messages\` on some systems):

\- Records general system activity logs, including system messages,
application logs, and security events.

2\. \`/var/log/auth.log\` (or \`/var/log/secure\` on some systems):

\- Contains authentication-related logs, including successful and failed
login attempts, as well as changes to user accounts and other security
events.

3\. '/var/log/kern.log\`:

\- Stores kernel messages and logs generated by the kernel, useful for
diagnosing kernel-related issues and hardware problems.

**Find Command**

used to search for files and directories within a directory hierarchy.
It\'s powerful and versatile, offering numerous options and flags to
customize searches.

**Most Commonly Used Flags**

1\. -name\`: Search for files by name.

find /path/to/search -name \"filename\"

Example: Find all files named \`example.txt\`:

find / -name \"example.txt\"

2\. \`-type\`: Search for files by type (e.g., file, directory

find /path/to/search -type \[f\|d\|

Example: Find all directories:

find /path/to/search -type d

3\. \*-size\`: Search for files by size.

find /path/to/search -size \[+\|-\]size

Example: Find files larger than 100MB:

find /path/to/search -size +100M

4\. \`-mtime\`: Search for files by modification time.

find /path/to/search -mtime \[n\]

Example: Find files modified in the last 7 days:

find /path/to/search -mtime -7

5\. \`-exec\`: Execute a command on the found files.

find /path/to/search -name \"filename\" -exec command {} \\;

Example: Find and delete all \`.tmp\` files:

find /path/to/search -name \"\*.tmp\" -exec rm {} \\;

6\. \`-user\`: Search for files by owner.

find /path/to/search -user username

Example: Find all files owned by user \`john\`:

find /path/to/search -user john

7\. \`-group\`: Search for files by group.

find /path/to/search -group groupname

Example: Find all files belonging to group \`staff\`:

find /path/to/search -group staff

8\. \`-perm\`: Search for files by permissions.

find /path/to/search -perm mode

Example: Find all files with 755 permissions:

find /path/to/search -perm 755

9\. \`-iname\`: Search for files by name, case insensitive.

find /path/to/search -iname \"filename\"

Example: Find files named \`example.txt\` or \`Example.txt\`:

find /path/to/search -iname \"example.txt\"

**Process Management**

processes are generally categorized into two types based on their
interaction with users and their purpose:

\- Interactive Processes: Require user input and run in the foreground,
interacting directly with users.

\- Daemon Processes: Run in the background, providing system services
and typically starting during system boot without direct user
interaction.

\- Process: A running instance of a program that includes code,
resources, and execution state.

\- Service: A specialized type of process that operates in the
background to provide system-level functionality or support to other
programs.

**Managing services**

Managing Services with \`systemctl\`

**- Start a Service:**

systemctl start servicename

**- Stop a Service:**

systemctl stop servicename

**- Restart a Service:**

systemctl restart servicename

**- Enable a Service to Start at Boot:**

systemctl enable servicename

**- Disable a Service from Starting at Boot:**

systemctl disable servicename

**- Check the Status of a Service:**

systemctl status servicename

**Process states**

\- Running (R): Process is currently executing or ready to execute.

\- Sleeping (S): Process is waiting for an event or resource.

\- Stopped (T): Process is halted, usually by a signal.

\- Zombie (Z): Process has finished execution but remains in the process
table.

\- Dead (D): Process is stuck in an uninterruptible sleep state, often
due to I/O wait.

**Foreground and Background Processes**\
1. Foreground Process:\
   - Executes and occupies the terminal.\
2. Background Process:\
   - runs the process in the background and doesn't take control of the
terminal.\
   - \`Ctrl+Z\` suspends a process and moves it to the background.\
**Managing Jobs**\
3. Bringing a Job to Foreground:

\- \`fg %job\_number\` brings the process back to the foreground.\
\
4. Killing Processes:\
   - \`kill -9 PID\` or \`kill -15 PID\` kills a process by its PID.\
   - \`pkill proc\_name\` kills processes by name.\
   - \`kill %job\_number\` kills a job by its job number.\
**Viewing Processes**

5.Listing Processes:\
   - \`pgrep -u username\` shows processes by a user.\
   - \`pgrep -u username -a\` shows detailed processes by a user.\
   - \`pgrep -l proc\_name\` lists all process IDs of that process.

\- ps Basic process information for the current shell session.

-\`ps -ef\`: Detailed process listing in Unix System V style.

\- \`ps aux\`: Detailed process listing in BSD style, with additional
resource usage information.\
6. Job Control:\
   - \`jobs\` shows jobs in the background.

**Virtualization**\
Virtualization: Creates multiple virtual machines (VMs) on a single
physical machine for more efficient resource use and simplified
management.\
T**ypes of Virtualization\
**1. Bare Metal Hypervisor (Type 1):\
   - Installs directly on hardware.\
   - Examples: VMware ESXi, Microsoft Hyper-V.\
\
2. Hosted Hypervisor (Type 2):\
   - Runs as an application on a host operating system.\
   - Examples: VMware Workstation, Oracle VirtualBox.\
\
Hypervisor: Manages hardware resources and allocates them to VMs,
ensuring each VM operates independently.\
**VMware ESXi and vSphere**\
**- VMware ESXi:**\
  - Type 1 hypervisor.\
  - Manages hardware resources on a physical server.\
  - Must be installed on bare metal.\
**- VM (Virtual Machine**):\
  - Software-based emulation of a physical computer.\
**- vSphere:**\
  - VMware\'s virtualization platform.\
  - Includes ESXi and vCenter.\
**- vCenter:**\
  - Centralized management tool for vSphere.\
  - Manages multiple ESXi hosts and VMs.

**Networking**

**Network Interfaces**

**Networking is the process of connecting computers and other devices so
they can communicate and share information. It involves using cables,
wireless signals, or other means to link devices together, allowing them
to exchange data, access shared resources like printers and files, and
connect to the internet. Networking makes it possible for devices to
work together, enabling everything from browsing the web to streaming
videos and sending emails.**

\- NIC (Network Interface Card): The hardware component that connects a
computer to a network. It can be wired (Ethernet) or wireless (Wi-Fi).

\- Loopback Interface:A virtual network interface (\`lo\`) used for
internal testing and communication within the host. The loopback IP
address is \`127.0.0.1\`.

-LAN (Local Area Network): A network that connects devices within a
limited area such as a home, office, or building. LANs are typically
used to share resources like files, printers, and internet connections
among multiple devices.

-WAN (Wide Area Network): A network that covers a broad area, such as a
city, country, or even multiple countries. The internet is the largest
example of a WAN. WANs connect multiple LANs and are typically used by
businesses and ISPs to connect geographically distant locations.

-NIC (Network Interface Card): A hardware component that connects a
computer to a network. NICs can be wired (using Ethernet cables) or
wireless (using Wi-Fi).

-Switch: A networking device that connects multiple devices on a LAN and
uses MAC addresses to forward data to the correct destination. Switches
operate at the data link layer (Layer 2) of the OSI model.

-Router: A networking device that forwards data packets between computer
networks. Routers operate at the network layer (Layer 3) of the OSI
model and use IP addresses to determine the best path for forwarding
packets to their destination.

-NAT (Network Address Translation): A method used by routers to
translate private IP addresses used within a LAN to a single public IP
address for communication over the internet. NAT helps conserve public
IP addresses and adds a layer of security by hiding internal network
addresses.

-Broadcast: A method of sending data packets to all devices on a
network. In Ethernet networks, the broadcast address is typically the
last address in a subnet. For example, in the subnet \`192.168.1.0/24\`,
the broadcast address is \`192.168.1.255\`.

**IP Addressing**

\- IP Address: A unique identifier assigned to each device on a network.
IPv4 addresses are 32 bits long, while IPv6 addresses are 128 bits.

\- IPv4: 32-bit IP addresses, limited address space.

\- IPv6: 128-bit IP addresses, virtually unlimited address space.

\- MAC Address: Unique hardware address for network interfaces, used
within LANs**.**

\- Subnet Mask:Used to divide an IP address into network and host
portions, indicating which part of the address is the network
identifier.

\- Default Gateway:The IP address of the router that forwards traffic
from the local network to other networks, typically the internet.

-Static IP: is a fixed, unchanging IP address manually set for a device,
ideal for servers and printers that need consistent access. It requires
manual setup but provides reliability and predictability.

-Dynamic IP: is assigned automatically by a DHCP server and can change
over time. It is more flexible and easier to manage, making it suitable
for devices like computers and smartphones that don\'t need a permanent
IP. This setup is efficient for networks with many devices frequently
connecting and disconnecting.

**Configuration Files**

\- /etc/network/interfaces (Debian/Ubuntu): Configuration file for
network interfaces.

\- /etc/sysconfig/network-scripts/ifcfg-\ (Red Hat/CentOS):
Configuration files for network interfaces.

\- /etc/nsswitch.conf\`: Defines the order and sources for various
system lookups, like hostname resolution and user information.

\- /etc/hosts\`:Maps hostnames to IP addresses locally for quick and
simple name resolution.

-/etc/resolv.conf\`: Specifies DNS servers and settings for resolving
domain names into IP addresses.

**Network Configuration Tools**

\- ifconfig: Deprecated tool used to configure network interfaces.

\- ip: Modern tool to manage IP addresses and network interfaces.

\- nmcli: Command-line tool for managing NetworkManager.

\- nmtui:Text-based user interface for NetworkManager.

\- dhclient: DHCP client tool to obtain IP addresses from a DHCP server.

**NetworkManager**

is a system service for managing network connections on Linux systems,
aimed at simplifying network configuration and management for both users
and administrators. Key functions include:

1\. Network Connection Management: Easily manage Ethernet, Wi-Fi, mobile
broadband, VPN, and more.

2\. Dynamic Configuration:Automatically handle network interface settings
and adapt to changing network environments.

3\. Connection Persistence: Save and reuse connection profiles with
settings like passwords and IP configurations.

4\. Automatic IP Address Assignment: Configure IP addresses via DHCP or
static methods.

5\. User and Application Integration: Offer APIs and command-line tools
for network interaction and provide a graphical interface.

6\. Security and VPN Management: Support secure connections with WPA/WPA2
and VPN management.

7\. Status Monitoring:Provide real-time information on network
connectivity and status.

8\. Support for Multiple Interfaces: Manage multiple network interfaces,
such as Wi-Fi and Ethernet, simultaneously.

**Network Services**

\- DHCP (Dynamic Host Configuration Protocol): Automatically assigns IP
addresses and other network settings to devices on a network.

\- DNS (Domain Name System): Translates domain names to IP addresses.

\- SSH (Secure Shell):Protocol for securely accessing remote machines.

**Routing**

\- Routing Table:A table used by the operating system to determine where
to send packets. It can be viewed and modified using the \`route\` or
\`ip route\` commands.

\- Static Routing: Manually defined routes in the routing table.

\- Dynamic Routing:Routes that are automatically adjusted by routing
protocols (e.g., OSPF, BGP).

**Network Diagnostic Tools**

\- ping:Tests connectivity between devices by sending ICMP echo
requests.

\- traceroute:Traces the path packets take to reach a destination.

-ip route: Shows the routing table, detailing how packets reach
different networks.

-ethtool: Displays and changes settings for network interface cards
(NICs).

**Commands you can use to identify the information of your hosts/VMs:\
**\
1. IP Address:\
   - ifconfig\
   - ip addr show\
   - \`mcli\`\
2. Network Mask/Prefix/CIDR:\
   - ifconfig\
   - ip addr show\
   - ip a\
3. Gateway:\
   - route -n\
   - netstat -nr\
4. DNS:\
   - nslookup\
   - dig (ens160)\
**Firewalls**

\- iptables:A user-space utility program that allows a system
administrator to configure the IP packet filter rules of the Linux
kernel firewall.

\- firewalld: A dynamic firewall management tool with D-Bus interface.

**Virtual Networking**

\- Bridge: A virtual switch that connects multiple network interfaces at
the data link layer.

\- VLAN (Virtual Local Area Network): A method to create multiple
distinct broadcast domains which are mutually isolated, yet coexisting
on the same physical network.

\- VPN (Virtual Private Network):\*\* Creates a secure, encrypted
connection over a less secure network.

**Basic Network Commands**\
**1. Show all connections:**

   nmcli con show\
\
**2. Show details of a specific connection:**\
    nmcli con show \\
\
**3. Activate (up) or deactivate (down) a connection:**\
\
   con up \\
   nmcli con down \\
\
**4. Modify an existing connection:**\
   nmcli connection modify \\
   \
**5. Clone an existing connection:**\
 nmcli connection clone \ \\
\
**6. Delete a connection:**\
   nmcli connection delete \

**Creating a New Connection**\
**To create a new Ethernet connection with specific parameters:**\
nmcli connection add con-name \ type ethernet ifname
\ ipv4.addresses \/18 ipv4.dns
\ ipv4.gateway \ ipv4.method
\ connection.autoconnect \\
\
**Example**\
**Creating a new connection named \`ens171\`:**\
nmcli connection add con-name ens171 type ethernet ifname ens192
ipv4.addresses [10.10.60.156/18](http://10.10.60.156/18) ipv4.dns
1.1.1.1 ipv4.gateway 10.10.60.1 ipv4.method manual
connection.autoconnect yes

**Packet Management**

Involves handling software packages (collections of files and metadata)
on a system. These packages can contain applications, libraries, or
system components. Package management helps in the installation,
updating, configuration, and removal of software.

**Red Hat-Based Systems (e.g., CentOS, Fedora)**

**Update Package List and Upgrade All Packages:**

\`sudo dnf upgrade\` (for newer systems)

**Install a Package:**

yum install package\_name\`

dnf install package\_name\`

**Remove a Package:**

\`sudo yum remove package\_name\`

\`sudo dnf remove package\_name\`

**Search for a Package:**

\`yum search package\_name\`

\`dnf search package\_name\`

**List Installed Packages:**

\`yum list installed\`

\`dnf list installed\`

**LDAP**

LDAP (Lightweight Directory Access Protocol)is a protocol used to access
and manage directory services over a network. It is commonly used for
centralized management of user and group information. Key concepts
include:

1\. Directory Service:A specialized database that stores information in a
hierarchical structure, optimized for reading and searching entries like
user and group data.

2\. Entries and Attributes: Each entry represents an object (like a user)
and contains attributes (like name, email) that describe it.

3\. Distinguished Name (DN): A unique identifier for an entry, specifying
its path in the directory\'s hierarchy.

4\. Schema: Defines the structure and rules of the directory, including
allowed object classes and attributes.

5\. LDAP Operations:Includes actions like Bind (authenticate), Search
(retrieve information), and Compare (check attribute values).