Blog

Customized LDAP Integration

Bryan Jones — Tue, 31 Jan 2012 20:28:10 +0000

LDAP is hard to get working with your Drupal site. Luckily there is a module that helps with that (as there usually is). Unfortunately the module currently only provides the ability to log in through LDAP. You can not check to see if the user exists in LDAP, and if not, use the Drupal database. Many sites may want this functionality and it is quite easy to add.

Please note that all of the code below are HACKS to the ldap_integration module. If you do not feel comfortable hacking modules, do not attempt to write any of this! All of this code was placed in ldapauth.module and inside of the ldapauth_authenticate() function. Also, much of the code below has been slightly modified to remove any information that may cause security implications.

The first thing we want to do is ping LDAP for a user. If the user does not exist in active directory, the module will check to see if they are active in the Drupal user database. If the user is active, it will assure that the user does not have any of the roles that LDAP assigns, specifically the employee and the various departmental roles. To start, scroll down the ldapauth_authenticate() function and find the following conditional statement.

<?php
  if (!($dn = _ldapauth_auth($name, $pass))) {
    // If LDAP authentication fails, use Drupal authentication!
  }
?>

This condition runs if LDAP sends back a negative request on the user, meaning it could not find the user in its system. The code placed inside of this conditional statement is quite simple. Grab the information the user submitted through the login form and test it against the Drupal database. The code below will just load the users information if LDAP authentication fails. Comments are place throughout to help understand what is going on.

<?php
    $result = db_query("SELECT name, data FROM {users_table} WHERE name='%s'", $name);
    if ($row = db_fetch_array($result)) {
      $data = unserialize($row['data']);
      if (isset($data['ldap_authentified']) && $data['ldap_authentified'] != 0) {
        drupal_set_message('The LDAP server could not find your user. The LDAP server may be down or the password you entered is incorrect. If the problem persists, please contact the webmaster.', 'error');
      }
      else {
        // core user_login_name_validate
        if (isset($form_values['name'])) {
          if (user_is_blocked($form_values['name'])) {
            // blocked in user administration
            form_set_error('name', t('The username %name has not been activated or is blocked.', array('%name' => $form_values['name'])));
          }
          else if (drupal_is_denied('user', $form_values['name'])) {
            // denied by access controls
            form_set_error('name', t('The name %name is a reserved username.', array('%name' => $form_values['name'])));
          }
        }

        // core user_authenticate
        $account = user_load(array('name' => $form_values['name'], 'status' => 1));
        if ($account && drupal_is_denied('mail', $account->mail)) {
          form_set_error('name', t('The name %name is registered using a reserved e-mail address and therefore could not be logged in.', array('%name' => $account->name)));
        }

        // Name and pass keys are required.
        // The user is about to be logged in, so make sure no error was previously
        // encountered in the validation process.
        if (!form_get_errors() && !empty($form_values['name']) && !empty($form_values['pass']) && $account) {
          $user = $account;
          user_authenticate_finalize($form_values);
          // If a user was logged in this way and not through LDAP, they should only have basic roles. 
          // Roles are changed in case employees are dropped on the LDAP side, we don't want them to retain the
          // roles on the Drupal side.
          if((in_array('City Employee', $user->roles) || in_array('County Employee', $user->roles)) && !in_array('Super User', $user->roles)) {
            $user->roles = array(
              '101' => 'authenticated user',  // 'role_id' => 'role name'
              '102' => 'Citizen',
            );
            $edit = array('roles' => $user->roles);
            $user = user_save($user, $edit);
            watchdog('user', 'User %user was not found through LDAP and their employee roles were revoked.', array('%user' => $form_values['name']));          
          }
          return $user;
        }
        else {
          watchdog('user', 'Login attempt failed for %user.', array('%user' => $form_values['name']));
        }

        // core user_login_final_validate
        if (!$user->uid) {
          form_set_error('name', t('Sorry, unrecognized username or password. <a href="@password">Have you forgotten your password?</a>', array('@password' => url('user/password'))));
        }
        return;
      }
    }    
    return;
?>

Should an employee no longer work at the office, this system will automatically remove the Drupal employee and departmental roles from the website, assuring that the user cannot continue to update website content. In the future, this user id will exclusively be logged in as either a visitor or as an employee through the traditional Drupal authentication system. But what if LDAP authentication doesn't fail? If LDAP auth passes, we still need to make sure they have a Drupal profile. The code below runs if they are in LDAP, but not Drupal

<?php
  if (!($dn = _ldapauth_auth($name, $pass))) {
    // The code above...
  }
  if (!$account) {
    // Register this new user.
    if ($ldap_user = _ldapauth_user_lookup($name)) {
      $ldap_roles = unserialize($_ldapauth_ldap->roles);
      // If mail attribute is missing, set the name as mail.
      $init = $mail = key_exists(($_ldapauth_ldap->getOption('mail_attr') ? $_ldapauth_ldap->getOption('mail_attr') : LDAPAUTH_DEFAULT_MAIL_ATTR), $ldap_user) ? $ldap_user[$_ldapauth_ldap->getOption('mail_attr')][0] : $name . '@example.com';

      // Check if the e-mail is not denied.
      if (drupal_is_denied('mail', $mail)) {
        form_set_error('name', t('The name %name is registered using a reserved e-mail address and therefore could not be logged in.', array('%name' => $name)));
        return;
      }

      // Generate a random drupal password. LDAP password will be used anyways. If the Drupal password 
      // is guessed somehow it will not matter because it never looks at it.
      $pass_new = (LDAPAUTH_LOGIN_PROCESS == LDAPAUTH_AUTH_EXCLUSIVED || !LDAPAUTH_SYNC_PASSWORDS) ? user_password(20) : $pass;

      // Get the rid of the imported role, if any.
      $new_dn = preg_replace('/^[CN=](.*?),/', '', $ldap_user['dn']);
      $role_id = db_result(db_query("SELECT rid FROM {roles_table} WHERE name = '%s' LIMIT 1", $ldap_roles[$new_dn]));

      $userinfo = array(
        'name' => $name, 
        'pass' => $pass_new, 
        'mail' => $mail, 
        'init' => $init, 
        'status' => 1, 
        'authname_ldapauth' => $name, 
        'ldap_authentified' => TRUE, 
        'ldap_dn' => $ldap_user['dn'], 
        'ldap_config' => $_ldapauth_ldap->getOption('sid'),
      );
      $userinfo['roles'] = array(
        DRUPAL_AUTHENTICATED_RID => 'authenticated user',
        $role_id => $ldap_roles[$new_dn],
        '102' => 'County Employee',
      );
      $user = user_save(null, $userinfo, array('roles' => $new_roles));
      watchdog('ldapauth', 'New external user %name created from the LDAP server %server.', 
      array('%name' => $name, '%server' => $_ldapauth_ldap->getOption('name')), WATCHDOG_NOTICE, l(t('edit'), 'user/'. $user->uid .'/edit'));
    }
  }
?>

Now if an LDAP user is authenticated through LDAP and already has a Drupal profile, all we have to do is make sure that the user roles are up to date. For example, if John Somebody leaves the accountant office and joins the IT office, he should no longer have accountant permissions and should be granted IT permissions.

<?php
  else {
    // Login existing user.
    $data = array(
      'ldap_dn' => $dn,
      'ldap_config' => $_ldapauth_ldap->getOption('sid'),
    );
    $ldap_roles = unserialize($_ldapauth_ldap->roles);

    // Gets the correct dn by slicing off the CN portion. Only need OU information
    $new_dn = preg_replace('/^[CN=](.*?),/', '', $dn);

    if(!in_array($ldap_roles[$new_dn], $account->roles)) {
      // Get the rid of the imported role, if any.
      $role_id = db_result(db_query("SELECT rid FROM {roles_table} WHERE name = '%s' LIMIT 1", $ldap_roles[$new_dn]));
      if(!empty($role_id)) {  
        $account->roles = array(
          DRUPAL_AUTHENTICATED_RID => 'authenticated user',
          $role_id => $ldap_roles[$new_dn],
          '102' => 'County Employee',
        );
      }
      else {
        $account->roles = array(
          DRUPAL_AUTHENTICATED_RID => 'authenticated user',
          '102' => 'County Employee',
        );   
      }
      $edit = array('roles' => $account->roles);
      $account = user_save($account, $edit);
    }
    if (!isset($account->ldap_authentified)) {
      // LDAP and local user conflict.
      if (LDAPAUTH_LOGIN_CONFLICT == LDAPAUTH_CONFLICT_LOG) {
        watchdog('ldapauth', 'LDAP user with DN %dn has a naming conflict with a local drupal user %name', array('%dn' => $dn, '%name' => $account->name), WATCHDOG_ERROR);
        drupal_set_message(t('Another user already exists in the system with the same login name. You should contact the system administrator in order to solve this conflict.'), 'error');
        return;
      }
      else {
        $data['ldap_authentified'] = TRUE;
        $data['authname_ldapauth'] = $name;
      }
    }
?>

Now if LDAP fails, it will use Drupal's database to log the user in. It will act intelligently with roles, making sure they work in sync with the LDAP server. Any users that do not belong to LDAP but are Drupal users will get basic roles.

Blog Type:

Technical

Site Building Track at DrupalCon Denver

Rick Nashleanas — Tue, 24 Jan 2012 22:19:16 +0000

As I write this, we are that close to releasing our final schedule for DrupalCon Denver. Believe me, you just can't have enough attention to detail at this point.

As I have written previously, DrupalCon Denver has something for everyone, but the flip side of that coin is that each track is targeted to a specific audience. If possible, I intend to highlight each track up until DrupalCon Denver itself.

Site Building track. The Site Building track is all about folks who have put together Drupal sites, and can install modules, but aren't necessary comfortable with extensive module development. Frankly, without my staff of great developers, this is where I would spend a major portion of my time.

Track chairs. Each track has both a local and global track chair. Many thanks to our local track co-chairs Lindsay Odgen "lindsayo" & Carl Weidemann "c4rl". Our global track chair is Allie Micka "Allie Micka". Without the hard work of each of these subject matter experts, we wouldn't have this great track. Thanks!

The Site Building track is going to give you:

Hope, admiration or simple awe... The case studies from actual Drupal implementations at Martha Stewart and zagat.com will give real life examples of what you could bring back to your organization.
Real world knowledge... Want to know how to incorporate media into your site? Want to make your site truly multilingual? Learn from people who have actually done it.
Extend your Drupal implementation... You've used webform, but have you used it for surveys and data collection? If you grew up with nodes, blocks and context, learn about the power of Panels.
Newest use of technology... Do you really understand fields and entities? Who doesn't want to build out reuseable site structure (using the Features module)?
Solutions to your common problems... Love or hate it, website users want WYSIWYG's. Learn best practices for configuring your WYSIWYG.
The ability to scale your site and keep it available... Learn practical tools and techniques to keep your site up and running smoothly.
The knowledge to move to the latest version... You've got a Drupal 6 site... What's the best way to get it to D7? Tricks and tips in the Site Building track.

What are you going to do now? Check out all of the details from these Site Building sessions here. Then, sign up for DrupalCon now. Don't forget the party! If you see me there, please say hello.

Blog Type:

Business

CSS3Pie

jswainst — Thu, 19 Jan 2012 20:49:41 +0000

CSS3 has become popular with the latest web browser releases and is increasingly being incorporated into web site designs, however, these features do not work in the older versions of Internet Explorer (IE). While we all would love for everyone to upgrade to at least IE9, many people are stuck with IE7 or 8 due to not being able to upgrade to Windows Vista or 7 at this time. CSS3Pie is a library created to help solve the issue of displaying CSS3 properties in IE6-8.

CSS3Pie has become a popular library for the display of CSS3 properties. The properties available for use in IE are border-radius, box-shadow, border-image, css3 backgrounds, gradients, and several other properties specific to the CSS3Pie library. We have used several of these properties in creating a Drupal theme from a Photoshop comp.

Border Radius

Let's start by taking a look at the border-radius property.

Examples:

border-radius: 10px; 
border-radius: 0 10px 0 10px;

The first example will apply a 10px rounded corner to each corner of the element. The second example will apply only to the upper right and lower left corners. When including four parameters to the property, the ordering is defined as follows:

border-radius: top-left top-right bottom-right bottom-left;

The image below shows the border-radius property in action.

Box Shadow

Box-shadow is another useful property of CSS3.

Example:

-webkit-box-shadow:#555 5px 5px 20px; 
-moz-box-shadow:#555 5px 5px 20px; 
box-shadow:#555 5px 5px 20px;

The webkit and moz box-shadow properties are necessary for rendering on firefox, chrome, and safari. The first item is the color of the shadow, represented in hexadecimal notation, and the other three represent the size of the shadow.

The above image displays the use of the box-shadow property surrounding the slideshow element.

Gradients

Gradients are a very popular CSS3 property. An example is:

background:#8b8b8d; 
background:-webkit-gradient(linear, 0 0, 0 bottom, from(#828183), to(#8b8b8d)); 
background:-webkit-linear-gradient(#828183, #8b8b8d); 
background:-moz-linear-gradient(#828183, #8b8b8d); 
background:-ms-linear-gradient(#828183, #8b8b8d); 
background:-o-linear-gradient(#828183, #8b8b8d); 
background:linear-gradient(#828183, #8b8b8d); 
filter:progid:DXImageTransform.Microsoft.Gradient(startColorStr=#828183, endColorstr=#8b8b8d); 
-ms-filter:'progid:DXImageTransform.Microsoft.Gradient(gradientType=0,startColorStr=#828183,endColorStr=#8b8b8d)'; 
-pie-background:linear-gradient(#828183, #8b8b8d);

It can take quite a lot of CSS code to have gradients render properly across all browsers. Not all browsers support gradients via CSS and each browser implements it differently. Each background line of code above applies gradients to a different browser. The pie-background property is used to apply more complex gradients to IE, such as those including radial gradients or color stops.

In the image above, a small gradient is used at the top of the grey box.

Implementing CSS3 Properties Using CSS3 Pie

Up until now, we have shown you how to use a few of the CSS3 properties we have used in our projects. Now, we will take a look at how to apply CSS3Pie to these elements.

#node-43 div.panel-col-top div.inside, div.nav-header { 
  position:relative; 
  behavior:url("sites/all/themes/ilyb/css/PIE.htc"); 
}

The above code is an example implementation of how to include CSS3Pie into your projects. Each element with a CSS3 property is listed, then the additional properties are applied. The behavior property is used to load the CSS3Pie library. Make sure to set the path to the htc file from the web root. The position relative property is used to make sure the bahaviors are applied properly in IE7.

Blog Type:

Technical

Security Through Obscurity

Bryan Jones — Wed, 18 Jan 2012 17:36:13 +0000

While security through obscurity is often looked down upon, it can really help your site against newbie hackers. By default, Drupal shows files such as CHANGELOG.txt, INSTALL.txt, and README.txt. These files contain information about your current Drupal distribution that could potentially be used to wreak havoc on your site.

As a test, type your site name with CHANGELOG.txt as the path. For example www.site-name.com/CHANGELOG.txt. You will see that this brings up a text file with the current version of your site. A hacker can use this to see if you are on an older version. They can then look up security flaws for the version you are on and use this to start attacking your site.

Preventing these files from being shown is quite easy. In your .htaccess file found at your document root, just add these lines:

<FilesMatch "^(CHANGELOG|README|INSTALL|MAINTAINERS).*\.txt$">
  Deny from All
</FilesMatch>

The code will look for any file in the format of the names presented in the regular expression above. This will catch files such as CHANGELOG.txt and also INSTALL.*.txt. While hiding this files will not guarantee site safety, it does give you a little boost against would be hackers.

We would like to thank Greggles for contributing the following post: http://drupalscout.com/knowledge-base/hiding-fact-your-site-runs-drupal-or-fingerprinting-drupal-site which gives a much broader aspect to this type of "security".

Blog Type:

Technical

Blog posts drive traffic

Rick Nashleanas — Sun, 15 Jan 2012 16:48:06 +0000

It is difficult to write blog posts. Frankly, it can be difficult to write, period. Like a doctor suggesting that you should lose weight or exercise, I get the "Yea, I know" response from my general business customers when I suggest that they write regular blog posts.

It is not any easier for the folks here at Monarch Digital to write valuable content for our web site. I just wanted to share our Google Analytics when we posted http://www.monarchdigital.com/blog/2012-01-13/something-everyone-drupalcon-denver at about 3 pm on Friday afternoon, January 13.

Now, most of your posts will not immediately generate huge amounts of traffic to your site. You must nurture or plug into an audience who is genuinely interested in your content and will help promote it for you.

OK, enough preaching.

Blog Type:

Business

Something for Everyone at Drupalcon Denver

Rick Nashleanas — Fri, 13 Jan 2012 18:14:37 +0000

To my friends and customers:

Along with many people in the Colorado Drupal community, I have been working very hard to bring the very best, from nitty-gritty coding to enterprise web strategy, to Drupalcon Denver. Here, I'm going to tell you why so many of the people I know could hook up with sessions and content that you will be able to immediately use when you return to work.

Are you a business person who has a Drupal site or wants perspective on website alternatives?

Whether your background is financial, general business or technical, our Drupal Means Business "conference in a conference" can give you business perspective on best practices in website development and how Drupal fits in that picture. You'll have plenty of time to meet other business professionals to share experiences in website development using Drupal and other technologies.

DMB is a full day of sessions on Thursday, March 22, from 10:30 am to 4 pm at the Colorado Convention Center. Lunch and attendance at the closing session for all of Drupalcon Denver is included. Check it out and sign up here.

You put together a Drupal site, but you're not a heavy duty coder. Now what?

Our Site Building track was constructed for non-coders who configure Drupal sites and manage content. See case studies from Martha Stewart and zagat.com. Learn about incorporating media into your website or using forms as a survey tool. Unlike other, more technical tracks, Site Building is designed to appeal to folks who can configure Drupal and install modules, but not necessarily code complex custom modules. Don't forget about the Business and Strategy track!

Do you work for a school, a nonprofit or a governmental organization?

Drupal has become the preferred web technology for education, nonprofits and governmental organizations. (39% of .edu domains run Drupal.) Drupalcon Denver has a dedicated track exclusively for nonprofits, including sessions from CU Boulder, whitehouse.gov, the ACLU, energy.gov and more. You won't find a mor e relevant set of website development sessions directed to your organization anywhere.

Are you looking for ecommerce alternatives?

And who isn't? Learn best practices from the leaders in Drupal Commerce, including recurring payments, PCI compliance and more. Again, don't forget about the Business and Strategy track.

Do you need to get your site into the mobile world?

"Collaborative Publishing for Every Device" is the conference theme for Drupalcon Denver. If you're not addressing mobile platforms for your site, you're missing massive opportunities. This year's Drupalcon has an entire track on mobile development and strategies.

Do you run a Drupal development shop?

The CXO sessions are specifically for you. Huddle with other folks in Drupal development and share problems and challenges.

Are you a website designer?

In addition to the theming topics in the mobile track, we have a track focusing on Design and User Experience (UX). Learn about SASS, html 4 S, responsive design and so much more.

Are you a heavy-duty sysadmin or php coder?

Then, the coder track is for you. Learn the lastest tips and tricks from the best in the business. Seeing is believing. Check out the coder track here.

Do you contribute back to the Drupal code base? Would you like to?

Drupal's strongest asset is its passionate community and the contributions it gets back from people like you. Learn how to plug into the wider Drupal community with our Community track. If you are already contributing to core Drupal, you probably already know about the Core Conversations track. Also, don't miss the code sprints, where Drupalers work together to improve Drupal right on site.

Besides all of this, you will be able to huddle with other folks in Drupal development and share problems, challengs and solutions in BoF (Birds of a Feather) sessions. Someone identifies a topic and folks gather to explore that topic in depth.

Looking for training? Pre-conference training is available Monday, March 19.

All work and no play is... well, it's just not good for you. Check out Tuesday night's party.

Here are all the tracks at Drupalcon:

Next step? Sign up right now. At a minimum, sign up for the Drupalcon Denver newsletter.

Blog Type:

Business

Catching up with DrupalCon Denver

Rick Nashleanas — Wed, 28 Dec 2011 21:01:00 +0000

I can't believe that I haven't blogged about Drupalcon Denver since November 13. Let me catch you up and tell you what I had meant to blog about.

November 17 was the culmination of months of preparation, work, organization and negotiation as we published the first wave of selected Drupalcon Denver sessions. The flurry of activity was crazy. Our chat room conversations were stepping all over one another. Invariably, the folks who were selected to speak thought the track chairs were brilliant and those who were not selected thought we had our head up our.... sleeves.

Potential blog post title: Adding bacon makes everything better, even Drupalcon Denver session selection.

I could not ask for a more conscientious group of volunteer track chairs. They were making extremely difficult decisions with the best interests of the community in mind. In some meetings, some people asked for a reason that their session wasn't selected. Thankfully, Jacob Redding explained that the track chairs were just volunteers and to pile on the burden of responding to every track submission would simply make any future track chair volunteers scarce.

Potential blog post title: Volunteer to be a DrupalCon track chair; it won't hurt that badly.

There was a natural let-down, more like a deep breath, after the sessions were selected. Things got quiet as all these volunteers tried to catch up on their day jobs after being yanked away in IRC discussions, pm's, Skype calls and emails. At the same time, we all knew that our jobs are not yet complete. Some tracks still have open session slots to be selected by January 11.

Potential blog post title: On second thought, you do want to be a Drupalcon track chair.

Part of the reason that I volunteered to be the content manager of Drupalcon Denver and that I excessively document our meeting agendas and minutes is to let future DrupalCon volunteers to know what worked and what didn't work for us. All of this documentation is in an Open Atrium site. I had the pleasure of giving the team lead of Drupalcon Munich, Florian Loretan, and his content manager, Jos Doekbrijder, an introduction to our process in a Skype call along with access to our Open Atrium site.

Potential blog post title: DrupalCon Denver -> an even better DrupalCon Munich.

I've had long discussions with Rick Manelius, who is leading the Drupal Means Business event for general business types and CXO's on the Thursday of DrupalCon Denver. "Rick M" (versus "Rick N", i.e. me) have discussed how there are more and more opportunities to plug in volunteers who have a general business background. These opportunities are often not as easy to find and can be rather intimidating to volunteer for. If you are an English major (er, I mean project manager) and Drupal has been good to you, take a deep breath and give back using your unique set of skills.

Potential blog post title: DrupalCon and Drupal itself continues to grow up.

Previous: Sudo Make me a DrupalCon

Blog Type:

Business

Sudo Make me a DrupalCon

Rick Nashleanas — Sun, 13 Nov 2011 14:09:30 +0000

"Sudo make me a DrupalCon." If it were only that simple.

Around our house, "Sudo, make me a sandwich" will always evoke a smile. Unless you know Linux, you don't get it. As Noam Cohen wrote "Analyzing this joke is like dissecting a frog, it can be done, but the frog dies."

"Sudo" is a 'nix command that gives you godlike powers to do anything on the machine you're on. So, around our house, "Sudo do the dishes" commands the respect and demands the attention of the recipient to, hopefully, do the dishes immediately. (Personally, I prefer it when my wife says "Sudo give me a kiss.")

In my last DrupalCon Denver post, I was honest about the problems and disagreements among the team and community about the large, strategic decisions in putting on DrupalCon. Of course, this is to be expected among a diverse group of Drupalistas, especially among a group that is as passionate as the Denver team is to put on the best Drupalcon ever. Yet, I'm afraid that my last post might have been, well, depressing.

Now that we're looking in our rear view mirror at those controversies, the DrupalCon Denver track chairs are deep into evaluating and selecting sessions. We are having substantive discussions in IRC and on Skype about the current and future state of technologies, businesses, and Drupal. This is the fun stuff!

But it is also difficult. We received between 500 and 600 session proposals for 91 slots (not including the 13 slots for core conversations). The importance, relevance and significance of the presentation proposals were amazing, making the track chairs' jobs even more difficult. If I remember correctly, Drupalcon Denver has more session slots than any previous DrupalCon.

As the person who is overseeing content, the process of putting on DrupalCon Denver is going well. Not easy, but well. Not as easy as "Sudo make me a DrupalCon", but through the dedicated work of the DrupalCon Team, it looks like DrupalCon Denver will be absolutely awesome.

Previous: DrupalCon: Blood, Sweat and Fears

Next: Catching up with Drupalcon Denver

Blog Type:

Business

Drupalcon Denver: Blood, Sweat and Fears

Rick Nashleanas — Mon, 31 Oct 2011 22:38:12 +0000

Here, I've informally taken on the role of documenting the organizational and people-oriented side of putting on a Drupalcon, specifically Drupalcon Denver. I didn't write last week as, well, things were up in the air.

From what I understand, every Drupalcon has at least one point in the process where there is a divergence of opinion (I'm trying to be as nice as I can here) and the process is thrown into disarray. I will not air any of our dirty laundry here, but the genesis of most of our problems is that the entire Drupalcon Denver team is extremely passionate about putting on the best event possible. Sometimes, the concept of what is "best" is not shared by everyone. Frankly, I could be talking about contributing code to an open source project.

Although online tools serve us all very well, there are just times that nothing will substitute for getting together face to face. Many thanks to Neil Kent from the Drupal Association on flying out from Atlanta to talk this out at a dinner in Denver. However, Neil, next time, could you please pick a time that would not require that we drive back late at night during an early season snowstorm?

So, what did we learn?

Communications is hard. Even though the Colorado Drupal community has worked together to put on Drupalcamp Colorado, we've pulled in more volunteers, the Drupal Association is involved and we all prefer different ways of communicating. Without going into details, everyone is now going out of their way to communicate issues and reach out more than ever before. As this is so difficult with volunteers trying to make a living at their day job, I'm sure we will slip again in the near future.

No one has the silver bullet. Each Drupalcon is different. Yet, with our global track chairs and the Drupal Association personnel, we are trying to learn the best ways to put on a Drupalcon without falling into the same holes as the past. Some decisions translate perfectly from one Drupalcon to the next... From one group of volunteer organizers to the next... Some don't.

Work. In my other blog posts, I enthusiastically encouraged you to volunteer to help put on a Drupalcon if you have the opportunity. I still recommend it, but be aware that certain leadership roles can really consume your time. At Monarch, we use Harvest to track our time. I don't really break out my time between Drupalcon and organizing the Southern Colorado User Group, but I've spent 219 hours so far this year working on these two projects. I couldn't do this without my great staff at Monarch. (Thanks James and Bryan.) Things can obviously get tense when business appears to be suffering while Drupalcon tasks are demanding attention. Would I do it again? You bet!

We learned much more than just this. But I feel that our group has grown and I hope that the next Drupalcon volunteers will not have the problems we encountered. They will have their own issues. We are all continuing to learn and grow. The "All I Needed to Know, I Learned in Kindergarten" rules apply here: Share, play fair, don't hit... We are the Drupal community.

Previous: Submit your sessions for Drupalcon Denver

Next: Sudo Make me a Drupalcon

Blog Type:

Business

Drupalcon Denver session submissions close on Wednesday, October 26

Rick Nashleanas — Thu, 20 Oct 2011 22:27:31 +0000

Session proposals are still being accepted for the next DrupalCon, being held at the Colorado Convention Center in Denver, March 19 -23, 2012. The conference theme is "Collaborative Publishing for Every Device" and the deadline to submit sessions is October 26, 2011 23:59:59 UTC/GMT -7. Submit your session today!

DrupalCon Denver will be focusing on 8 significant areas of expertise and of particular interest to Drupal users and developers alike. Preference will be given to session ideas that examine the following tracks and how they relate to the conference theme:

Site Building
Coding and Development
Design and User Experience
Drupal Community
Business Strategy
Mobile
Commerce
Nonprofit, Government and Education

These session tracks descriptions are available online, so make sure to visit the official DrupalCon Denver website to learn more.

Session ideas are posted online as they are submitted - see the list of sessions proposed so far. The final selections picked from all session submissions will be announced on November 16, 2011 and the final DrupalCon Denver schedule will be live on December 7, 2011. Any and all proposals are welcome -- help keep DrupalCon 100% powered by You!

Blog Type:

Business