RHEL for Windows Admins

Section 1 · Agenda

What you asked for — with one small remix.

As requested

File system
Paths
Basic commands
File ops
Permissions
Users & groups

How we'll teach it

File system + paths (one block)
Basic commands
File ops
Users & groups ↑
Permissions ↑

Permissions sit on top of users and groups. Teaching users and groups first makes the third column of rwxr-xr-- actually mean something when we get there.

Section 2 · Translation

Windows → Linux

Same job. Different shell.

Windows	RHEL	What it does
services.msc / sc.exe	`systemctl`	Start, stop, enable services
Event Viewer	`journalctl`	Read system + service logs
Task Manager	`top` / `ps`	See what's running
Registry	`/etc` config files	System & app configuration
Run as administrator	`sudo`	Elevate for one command
C:\Users\jim	`/home/jim`	Your home directory
PowerShell	`bash` + pipes	Scripting & composition
Group Policy (GPO)	Ansible	Enforce config at scale
WSUS / SCCM	Satellite + Insights	Patch, inventory, advise
Active Directory	IdM / SSSD join	Central identity

Section 3 · File system + paths

One tree. No drive letters.

Everything hangs off /. Disks, network shares, USB sticks — they all mount into a single tree.

/             root of everything
/etc          config files (your "registry")
/home         user home directories
/var/log      logs
/opt          optional / vendor apps
/usr          system programs & libraries
/tmp          scratch space

Absolute vs relative

/etc/hosts — absolute, always the same place.
./hosts — relative, means "hosts in my current dir."
~ — your home directory shortcut.

Two things to remember

Case-sensitive. /etc/Passwd ≠ /etc/passwd.

Tab completion is your friend. Type the first few letters, hit Tab.

Section 4 · Basic commands

Seeing what's there.

pwd                     where am I?
ls                      list files here
ls -lah                 long format, all, human-readable
cd /var/log             change directory
cd ~                    go home
cd -                    go back to last dir
cat file.txt            print the whole file
less file.log           page through a big file (q to quit)
head -20 file           first 20 lines
tail -f file.log        follow a log as it grows
grep "error" file.log   search for a pattern

The pipe | is your superpower: ps aux | grep nginx — list all processes, keep the ones matching "nginx."

Lab 1 · Explore

Try it yourself.

Open the terminal (bottom-left 💻 button). On the lab bastion you'll be studentN; on your own box you're already you. Either way, walk through these.

Where am I, and who am I?
```
pwd
whoami
id
```
Look around. What's in your home directory?
```
ls
ls -lah
ls -lah ~/practice
```
Step into practice and read the starter file.
```
cd ~/practice
cat hello.txt
cat README.txt
```

See the bigger system. Don't touch — just look.

ls /etc | head -20
cat /etc/os-release
tail -5 /var/log/messages   # may say permission denied — good, we'll fix that later

Pipes. Find every line mentioning "student" in the user database.
```
cat /etc/passwd | grep student
```

Section 5 · File ops

Changing what's there.

mkdir projects          make a directory
mkdir -p a/b/c          make the whole path
cp file.txt backup.txt  copy
cp -r dir/ backup/      copy a directory recursively
mv old.txt new.txt      move or rename (same command)
rm file.txt             delete (no recycle bin — it's gone)
rm -rf dir/             delete a directory and everything in it
ln -s /long/path short  symbolic link (shortcut)
touch newfile           create empty file / update timestamp

No recycle bin. rm is immediate. rm -rf / is how careers end. Always ls before you rm -rf.

Lab 2 · Make & break things (safely)

Your sandbox. No one gets hurt.

Build a little directory tree.

cd ~/practice
mkdir -p projects/secu/notes
ls -R projects

Make a file two ways.

touch projects/secu/empty.txt
echo "my first linux file" > projects/secu/notes/day1.txt
cat projects/secu/notes/day1.txt

Copy, move, rename. All one idea.

cp projects/secu/notes/day1.txt projects/secu/notes/day1-backup.txt
mv projects/secu/notes/day1.txt projects/secu/notes/monday.txt
ls projects/secu/notes

Edit with nano. Ctrl-O saves, Ctrl-X exits.
```
nano projects/secu/notes/monday.txt
```

Clean up. Notice: no recycle bin.

rm projects/secu/empty.txt
rm -r projects/secu/notes
ls projects/secu

Section 6 · Users & groups

Who is on this box.

Users

id                 who am I?
whoami             just my name
useradd alice      create user
passwd alice       set password
userdel alice      delete
/etc/passwd        the user database

Groups

groups             my groups
groupadd devs      create group
usermod -aG devs alice
                   add alice to devs
/etc/group         the group database

Every user has one primary group and zero or more supplementary groups. Think AD: user + security groups. Same idea.

Section 7 · Permissions

Who can do what — the synthesis.

-rwxr-xr--  1  jim  wheel  4096 Apr 14 10:15 script.sh
 │└┬┘└┬┘└┬┘    │    │
 │ │  │  │     │    group that owns it
 │ │  │  │     user that owns it
 │ │  │  everyone else's permissions
 │ │  group's permissions
 │ owner's permissions
 file type (- = file, d = dir, l = link)

Change them

chmod 755 script.sh
chmod +x script.sh
chown alice:devs file
chgrp devs file

sudo, not always-admin

Per command, not a session. You stay as you. Every elevation logged in /var/log/secure. Root login disabled by default — a feature.

"Command not found"?

Three things differ between you and root:

File perms — cat /etc/shadow fails for you, works for root.
Privileged syscalls — systemctl start, useradd, dnf install.
PATH — historically /usr/sbin was root-only; on RHEL 10 it's everyone's, so you'll see the real "Permission denied" instead.

Lab 3 · Permissions & sudo

Read the triplets. Feel the denial.

Read the permissions on a few real files.
```
ls -l /etc/passwd
ls -l /etc/shadow
ls -l /usr/bin/passwd
```
Notice: anyone can read passwd. Only root can read shadow. That's the whole security model in two lines.
Try to read a root-only file. Watch it fail cleanly.
```
cat /etc/shadow
```

Make a file and change its permissions.

cd ~/practice
echo "secret" > mine.txt
ls -l mine.txt
chmod 600 mine.txt
ls -l mine.txt
chmod +x mine.txt
ls -l mine.txt

Elevate with sudo — just for one command. (If sudo isn't set for you, that's the demo: least privilege by default.)
```
sudo cat /etc/shadow | head -3
sudo systemctl status sshd
```
Check what was logged.
```
sudo tail -20 /var/log/secure
```

Section 7.5 · We got you

At scale, nobody SSH's into 500 boxes.

You asked for command line, so that's what we did. But real talk — the management stack is every bit as capable as what you run on the Windows side.

Red Hat Satellite

Patch, provision, configure fleets. The RHEL analogue to SCCM/WSUS for servers — content views, lifecycle environments, the works.

Ansible Automation Platform

One control plane for Linux and Windows and network gear. Think GPO, but it actually works cross-platform.

Red Hat Insights

Proactive advisor. Flags CVEs, misconfigs, and drift before they page you. Included with every RHEL subscription.

Image mode for RHEL

Servers as versioned, signed images. Golden image, git-native. Roll forward, roll back, done.

Plus the humans: your Red Hat account team, 24/7 support (included), access.redhat.com knowledge base, learn.redhat.com. The CLI is the foundation. The platform is how you actually run it.

Section 8 · Where to go next

You're not starting from zero.

Hands-on

learn.redhat.com — free browser labs
developers.redhat.com — free RHEL for dev use
RHEL in WSL2 — Linux on your Windows box

Coming next session

console.redhat.com — WSUS + SCCM + Defender, for RHEL
Ansible — GPO for Linux (and Windows, and network gear)
Image mode — RHEL that updates like a container

You're experienced admins. The primitives are familiar. The rest is vocabulary.

your shell

RHEL forWindows Admins