LDAP Integration w/Drupal 5.x

First off, I honestly do not like Drupal that much. Nothing personal, but I prefer systems that allow developers to fully customize the system they're using. Many may say that Drupal does that but I don't agree. I feel Drupal is perfect for non-developers to get websites up and running and to allow them the ability to add some cool features in there at the same time. But in my experience, I've always had much more control over the system that I was developing. It was hard to accept working in a system developed by someone else that has nothing to do with the company. But this isn't the first Drupal project I've done and as long as clients are clients, I don't assume this will be the last either.

Anyways, I'm now seeing how much Drupal has been really helpful in implementing this internal network for one of my clients. Considering that the interanet will not be a normal "web site", I did some research and figured that using the Drupal CMS was my best option. There are several LDAP addons that I've utilized to get all of this started. And a few others that make it perfect for internal users to stay in touch without the complications of using multiple systems and urls.

Here is what I was assigned to do in the beginning:

Create homepage with Drupal
Integrate Drupal with LDAP so it can be used as a company directory
This has to be done on 6 servers for redundancy (Test, QA and PROD - each instance with a database server and file server)
Use the SCRUM project methodology

Now of course there is always a catch to every project. Here are a few with this one:

Linux/Apache/MySQL/PHP servers and packages were not readily available and had to be downloaded and installed (with the exception of Linux)
Thier Active Directory (AD) setup places users in different OUs based on their division
Employee Photos are not all in one place, have no naming convention and there are a lot of possible duplicates
Groups are defined as an LDAP attribute for each user (I'll explain why this is a catch later)
All current directories, excluding the company directory, are currently stored in Lotus Notes which is much out of date and much of the information hasn't been updated in years
The company utilizes Google Apps for email, document sharing and the calendar which is good, however, the bad part is that LDAP passwords cannot be synced with Google causing people to manage at least 2 passwords excluding any other systems they currently use

Scrum

Before the project even started, we made use of a project methodology that is new to me, SCRUM. Basically, in a nutshell, SCRUM is focused on deliverables within certain time constraints, usually 15 business day increments but can also be as much as 30 business day increments. The people involved in the SCRUM team are the SCRUM master, the developer, business users, the project manager and other technical support individuals that will be involved with the project.

There are meetings involved with the team from the beginning of the SCRUM to the end date of the deliverable. Each SCRUM is broken into parts which end in a product or part of the product to be delivered to the business users. And a key note is that the deliverable must be useful in some way to the business users. There is a meeting at the beginning of each phase or "Sprint" and daily 15 min meetings each day. The 15 min meetings are specifically for the Scrum master to find out 3 things from each person: What they did yesterday, what they are doing today and if there were any issues.

This project methodology is useful in some ways and I think that with some more practice and use, it will be very easy for me to use. However, there are some issues that can be developed from using this methodology as you will see from this article and my point of view of the problems that I came accross.

The Project

1. First thing is getting the servers up and running. We have to setup 6 servers but since we will not be using the PROD servers or QA servers yet, we have only brought up the test servers (database server and file server for web files). For this environment, we are able to setup each server as a virtual machine running on a cloud network. To manage the servers, I am using PuTTY to SSH into the server and a VNC viewer to remote into the server to use the GUI.

Since I'm working directly with the IT team on this project, I have others that setup the servers for me with the packages that I need: MySQL, PHP and numerous PHP modules. Our team also had an initial meeting/brainstory session to discuss the posibilities and the needs that we had for the intranet.

This doesn't take too long in terms of actual work and setup. Once you have Apache setup along with the other parts of the LAMP server, you can simply test that by going to your server address in the browser. If you already have an index.html file in there then you should see that, otherwise you will see an apache error stating that there is no file access allowed. If you don't see either of those then your apache setup has an issue. Restart apache '/etc/init.d/apache2 stop' then '/etc/init.d/apache2 start'. If that doesn't work then try the process over and check other parts of your setup until you are able to figure it out.

2. Next is installing the CMS. And of course getting Drupal installed is not a big problem. If it is, then you need to go and hire a web developer to do this work for you rather than doing it yourself and wasting money having to troubleshoot some of the technical issues that may come up. To download drupal go to http://drupal.org/node/732004. This document is based on Drupal 5.x. I don't know if all of the modules will be compatible with Drupal 6 or 7. This is important because Drupal 5 will stop development once Drupal 7 is released.

That is one of the issues I have with Drupal. And there are good and bad points to it. Since there is such a wide network of users creating modules, if you plan to use many different modules, you have to be careful because you are limited to which version of Drupal you use based on which version the module was developed for. So be careful there. However, the bright side is that if you are a developer, for the most part, you should be able to edit the modules to adhere to the new version of Drupal.

Once you get Drupal installed and can preview the main page in the browser, you've reached a good point to start getting some actual data and input from the team.

3. Design and structuring is next. What do you want it to look like? In my project, we actually did design after we had much of the functionality in place. Not by design, for sure. But thanks to the Advertising department, we were delivered a beautiful design to use. So easy work for me to implement it when it comes over.

Another issue we had was finding the photos for each employee. There are several different divisions split over 6 states and each has their own HR team. The intranet will help with that and with this change, we will have all images centralized and available to all employees easily through the browser.

(Sharepoint Drupal Theme: http://www.rilpartner.se/en/rilpoint-sharepoint-look-alike-drupal-and-mediawiki-skin)

4. LDAP Integration is the next task that I tackled. This is pretty easy if you know what you're doing when it comes to LDAP and PHP. Here is a good link on how to create profiles http://rajeev.name/2007/07/21/drupal-profiles-with-active-directory-integration/.

The Modules you need are LDAP Integration (Required), LDAP Groups, LDAP Directory, LDAP Sync, LDAP Auth and LDAP Data. Each has it's own purpose in the system and is needed for what I want to accomplish.