Category Archives: CMS

Content Management Systems are software, so many designers fail to get this, and this is why you need a skilled developer to build, manage and maintain your corporate Web CMS.

WordPress Default Error Codes (also good for other systems)
Date Created: July 13, 2017  Date Modified: July 13, 2017

WordPress error codes sit in functions.php, they are well worth learning–especially if you are not familiar with error codes.


100 => 'Continue',
101 => 'Switching Protocols',
102 => 'Processing',

200 => 'OK',
201 => 'Created',
202 => 'Accepted',
203 => 'Non-Authoritative Information',
204 => 'No Content',
205 => 'Reset Content',
206 => 'Partial Content',
207 => 'Multi-Status',
226 => 'IM Used',

300 => 'Multiple Choices',
301 => 'Moved Permanently',
302 => 'Found',
303 => 'See Other',
304 => 'Not Modified',
305 => 'Use Proxy',
306 => 'Reserved',
307 => 'Temporary Redirect',
308 => 'Permanent Redirect',

400 => 'Bad Request',
401 => 'Unauthorized',
402 => 'Payment Required',
403 => 'Forbidden',
404 => 'Not Found',
405 => 'Method Not Allowed',
406 => 'Not Acceptable',
407 => 'Proxy Authentication Required',
408 => 'Request Timeout',
409 => 'Conflict',
410 => 'Gone',
411 => 'Length Required',
412 => 'Precondition Failed',
413 => 'Request Entity Too Large',
414 => 'Request-URI Too Long',
415 => 'Unsupported Media Type',
416 => 'Requested Range Not Satisfiable',
417 => 'Expectation Failed',
418 => 'I\'m a teapot',
421 => 'Misdirected Request',
422 => 'Unprocessable Entity',
423 => 'Locked',
424 => 'Failed Dependency',
426 => 'Upgrade Required',
428 => 'Precondition Required',
429 => 'Too Many Requests',
431 => 'Request Header Fields Too Large',
451 => 'Unavailable For Legal Reasons',

500 => 'Internal Server Error',
501 => 'Not Implemented',
502 => 'Bad Gateway',
503 => 'Service Unavailable',
504 => 'Gateway Timeout',
505 => 'HTTP Version Not Supported',
506 => 'Variant Also Negotiates',
507 => 'Insufficient Storage',
510 => 'Not Extended',
511 => 'Network Authentication Required',

I hope this helps for when customizing WordPress.

LDAP Error table
Date Created: December 17, 2015  Date Modified: December 17, 2015

I was debugging my LDAP bridge and felt I needed to put these here

Error / Data Code Error Description
0 LDAP_SUCCESS Indicates the requested client operation completed successfully.
1 LDAP_OPERATIONS_ERROR Indicates an internal error. The server is unable to respond with a more specific error and is also unable to properly respond to a request. It does not indicate that the client has sent an erroneous message. In NDS 8.3x through NDS 7.xx, this was the default error for NDS errors that did not map to an LDAP error code. To conform to the new LDAP drafts, NDS 8.5 uses 80 (0x50) for such errors.
2 LDAP_PROTOCOL_ERROR Indicates that the server has received an invalid or malformed request from the client.
3 LDAP_TIMELIMIT_EXCEEDED Indicates that the operation’s time limit specified by either the client or the server has been exceeded. On search operations, incomplete results are returned.
4 LDAP_SIZELIMIT_EXCEEDED Indicates that in a search operation, the size limit specified by the client or the server has been exceeded. Incomplete results are returned.
5 LDAP_COMPARE_FALSE Does not indicate an error condition. Indicates that the results of a compare operation are false.
6 LDAP_COMPARE_TRUE Does not indicate an error condition. Indicates that the results of a compare operation are true.
7 LDAP_AUTH_METHOD_NOT_SUPPORTED Indicates that during a bind operation the client requested an authentication method not supported by the LDAP server.
8 LDAP_STRONG_AUTH_REQUIRED Indicates one of the following: In bind requests, the LDAP server accepts only strong authentication.

In a client request, the client requested an operation such as delete that requires strong authentication. In an unsolicited notice of disconnection, the LDAP server discovers the security protecting the communication between the client and server has unexpectedly failed or been compromised.

9 Reserved.
10 LDAP_REFERRAL Does not indicate an error condition. In LDAPv3, indicates that the server does not hold the target entry of the request, but that the servers in the referral field may.
11 LDAP_ADMINLIMIT_EXCEEDED Indicates that an LDAP server limit set by an administrative authority has been exceeded.
12 LDAP_UNAVAILABLE_CRITICAL_EXTENSION Indicates that the LDAP server was unable to satisfy a request because one or more critical extensions were not available. Either the server does not support the control or the control is not appropriate for the operation type.
13 LDAP_CONFIDENTIALITY_REQUIRED Indicates that the session is not protected by a protocol such as Transport Layer Security (TLS), which provides session confidentiality.
14 LDAP_SASL_BIND_IN_PROGRESS Does not indicate an error condition, but indicates that the server is ready for the next step in the process. The client must send the server the same SASL mechanism to continue the process.
15 Not used.
16 LDAP_NO_SUCH_ATTRIBUTE Indicates that the attribute specified in the modify or compare operation does not exist in the entry.
17 LDAP_UNDEFINED_TYPE Indicates that the attribute specified in the modify or add operation does not exist in the LDAP server’s schema.
18 LDAP_INAPPROPRIATE_MATCHING Indicates that the matching rule specified in the search filter does not match a rule defined for the attribute’s syntax.
19 LDAP_CONSTRAINT_VIOLATION Indicates that the attribute value specified in a modify, add, or modify DN operation violates constraints placed on the attribute. The constraint can be one of size or content (string only, no binary).
20 LDAP_TYPE_OR_VALUE_EXISTS Indicates that the attribute value specified in a modify or add operation already exists as a value for that attribute.
21 LDAP_INVALID_SYNTAX Indicates that the attribute value specified in an add, compare, or modify operation is an unrecognized or invalid syntax for the attribute.
22-31 Not used.
32 LDAP_NO_SUCH_OBJECT Indicates the target object cannot be found. This code is not returned on following operations: Search operations that find the search base but cannot find any entries that match the search filter. Bind operations.
33 LDAP_ALIAS_PROBLEM Indicates that an error occurred when an alias was dereferenced.
34 LDAP_INVALID_DN_SYNTAX Indicates that the syntax of the DN is incorrect. (If the DN syntax is correct, but the LDAP server’s structure rules do not permit the operation, the server returns LDAP_UNWILLING_TO_PERFORM.)
35 LDAP_IS_LEAF Indicates that the specified operation cannot be performed on a leaf entry. (This code is not currently in the LDAP specifications, but is reserved for this constant.)
36 LDAP_ALIAS_DEREF_PROBLEM Indicates that during a search operation, either the client does not have access rights to read the aliased object’s name or dereferencing is not allowed.
37-47 Not used.
48 LDAP_INAPPROPRIATE_AUTH Indicates that during a bind operation, the client is attempting to use an authentication method that the client cannot use correctly. For example, either of the following cause this error: The client returns simple credentials when strong credentials are required…OR…The client returns a DN and a password for a simple bind when the entry does not have a password defined.
49 LDAP_INVALID_CREDENTIALS Indicates that during a bind operation one of the following occurred: The client passed either an incorrect DN or password, or the password is incorrect because it has expired, intruder detection has locked the account, or another similar reason. See the data code for more information.
49 / 52e AD_INVALID CREDENTIALS Indicates an Active Directory (AD) AcceptSecurityContext error, which is returned when the username is valid but the combination of password and user credential is invalid. This is the AD equivalent of LDAP error code 49.
49 / 525 USER NOT FOUND Indicates an Active Directory (AD) AcceptSecurityContext data error that is returned when the username is invalid.
49 / 530 NOT_PERMITTED_TO_LOGON_AT_THIS_TIME Indicates an Active Directory (AD) AcceptSecurityContext data error that is logon failure caused because the user is not permitted to log on at this time. Returns only when presented with a valid username and valid password credential.
49 / 531 RESTRICTED_TO_SPECIFIC_MACHINES Indicates an Active Directory (AD) AcceptSecurityContext data error that is logon failure caused because the user is not permitted to log on from this computer. Returns only when presented with a valid username and valid password credential.
49 / 532 PASSWORD_EXPIRED Indicates an Active Directory (AD) AcceptSecurityContext data error that is a logon failure. The specified account password has expired. Returns only when presented with valid username and password credential.
49 / 533 ACCOUNT_DISABLED Indicates an Active Directory (AD) AcceptSecurityContext data error that is a logon failure. The account is currently disabled. Returns only when presented with valid username and password credential.
49 / 568 ERROR_TOO_MANY_CONTEXT_IDS Indicates that during a log-on attempt, the user’s security context accumulated too many security IDs. This is an issue with the specific LDAP user object/account which should be investigated by the LDAP administrator.
49 / 701 ACCOUNT_EXPIRED Indicates an Active Directory (AD) AcceptSecurityContext data error that is a logon failure. The user’s account has expired. Returns only when presented with valid username and password credential.
49 / 773 USER MUST RESET PASSWORD Indicates an Active Directory (AD) AcceptSecurityContext data error. The user’s password must be changed before logging on the first time. Returns only when presented with valid user-name and password credential.
50 LDAP_INSUFFICIENT_ACCESS Indicates that the caller does not have sufficient rights to perform the requested operation.
51 LDAP_BUSY Indicates that the LDAP server is too busy to process the client request at this time but if the client waits and resubmits the request, the server may be able to process it then.
52 LDAP_UNAVAILABLE Indicates that the LDAP server cannot process the client’s bind request, usually because it is shutting down.
53 LDAP_UNWILLING_TO_PERFORM Indicates that the LDAP server cannot process the request because of server-defined restrictions. This error is returned for the following reasons: The add entry request violates the server’s structure rules…OR…The modify attribute request specifies attributes that users cannot modify…OR…Password restrictions prevent the action…OR…Connection restrictions prevent the action.
54 LDAP_LOOP_DETECT Indicates that the client discovered an alias or referral loop, and is thus unable to complete this request.
55-63 Not used.
64 LDAP_NAMING_VIOLATION Indicates that the add or modify DN operation violates the schema’s structure rules. For example,

The request places the entry subordinate to an alias. The request places the entry subordinate to a container that is forbidden by the containment rules. The RDN for the entry uses a forbidden attribute type.

65 LDAP_OBJECT_CLASS_VIOLATION Indicates that the add, modify, or modify DN operation violates the object class rules for the entry. For example, the following types of request return this error:

The add or modify operation tries to add an entry without a value for a required attribute. The add or modify operation tries to add an entry with a value for an attribute which the class definition does not contain. The modify operation tries to remove a required attribute without removing the auxiliary class that defines the attribute as required.

66 LDAP_NOT_ALLOWED_ON_NONLEAF Indicates that the requested operation is permitted only on leaf entries. For example, the following types of requests return this error:

The client requests a delete operation on a parent entry. The client request a modify DN operation on a parent entry.

67 LDAP_NOT_ALLOWED_ON_RDN Indicates that the modify operation attempted to remove an attribute value that forms the entry’s relative distinguished name.
68 LDAP_ALREADY_EXISTS Indicates that the add operation attempted to add an entry that already exists, or that the modify operation attempted to rename an entry to the name of an entry that already exists.
69 LDAP_NO_OBJECT_CLASS_MODS Indicates that the modify operation attempted to modify the structure rules of an object class.
70 LDAP_RESULTS_TOO_LARGE Reserved for CLDAP.
71 LDAP_AFFECTS_MULTIPLE_DSAS Indicates that the modify DN operation moves the entry from one LDAP server to another and requires more than one LDAP server.
72-79 Not used.
80 LDAP_OTHER Indicates an unknown error condition. This is the default value for NDS error codes which do not map to other LDAP error codes.

LDAP Alfresco (global properties)
Date Created: December 8, 2015  Date Modified: January 17, 2016

I found this useful so I thought I’d post it

authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap

# This flag enables use of this LDAP subsystem for authentication. It may be
# that this subsytem should only be used for synchronization, in which case
# this flag should be set to false.
ldap.authentication.active=true

#
# This properties file brings together the common options for LDAP authentication rather than editing the bean definitions
#
ldap.authentication.allowGuestLogin=true

# How to map the user id entered by the user to that passed through to LDAP
ldap.authentication.userNameFormat=uid=%s,ou=users,dc=armundia,dc=com

# The LDAP context factory to use
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory

# The URL to connect to the LDAP server
ldap.authentication.java.naming.provider.url=ldap://ldap.....com:389

# The authentication mechanism to use for password validation
ldap.authentication.java.naming.security.authentication=simple

# Escape commas entered by the user at bind time
# Useful when using simple authentication and the CN is part of the DN and contains commas
ldap.authentication.escapeCommasInBind=false

# Escape commas entered by the user when setting the authenticated user
# Useful when using simple authentication and the CN is part of the DN and contains commas, and the escaped \, is
# pulled in as part of an LDAP sync

# If this option is set to true it will break the default home folder provider as space names can not contain \
ldap.authentication.escapeCommasInUid=false

# Comma separated list of user names who should be considered administrators by default
ldap.authentication.defaultAdministratorUserNames=....

# This flag enables use of this LDAP subsystem for user and group
# synchronization. It may be that this subsytem should only be used for
# authentication, in which case this flag should be set to false.
ldap.synchronization.active=true

# The authentication mechanism to use for synchronization
ldap.synchronization.java.naming.security.authentication=simple

# The default principal to use (only used for LDAP sync)
ldap.synchronization.java.naming.security.principal=cn\=ldap,dc\=armundia,dc\=com

# The password for the default principal (only used for LDAP sync)
ldap.synchronization.java.naming.security.credentials=.....

# If positive, this property indicates that RFC 2696 paged results should be
# used to split query results into batches of the specified size. This
# overcomes any size limits imposed by the LDAP server.
ldap.synchronization.queryBatchSize=0

# If positive, this property indicates that range retrieval should be used to fetch
# multi-valued attributes (such as member) in batches of the specified size.
# Overcomes any size limits imposed by Active Directory.
ldap.synchronization.attributeBatchSize=0

# The query to select all objects that represent the groups to import.
ldap.synchronization.groupQuery=(objectclass\=groupOfNames)

# The query to select objects that represent the groups to import that have changed since a certain time.
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=groupOfNames)(!(modifyTimestamp<\={0}))) # The query to select all objects that represent the users to import. ldap.synchronization.personQuery=(objectclass\=inetOrgPerson) # The query to select objects that represent the users to import that have changed since a certain time. ldap.synchronization.personDifferentialQuery=(&(objectclass\=inetOrgPerson)(!(modifyTimestamp<\={0}))) # The group search base restricts the LDAP group query to a sub section of tree on the LDAP server. ldap.synchronization.groupSearchBase=dc\=roles,dc\=alfresco,dc\=armundia,dc\=com # The user search base restricts the LDAP user query to a sub section of tree on the LDAP server. ldap.synchronization.userSearchBase=dc\=users,dc\=armundia,dc\=com # The name of the operational attribute recording the last update time for a group or user. ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp # The timestamp format. Unfortunately, this varies between directory servers. ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z' # The attribute name on people objects found in LDAP to use as the uid in Alfresco ldap.synchronization.userIdAttributeName=uid # The attribute on person objects in LDAP to map to the first name property in Alfresco ldap.synchronization.userFirstNameAttributeName=givenName # The attribute on person objects in LDAP to map to the last name property in Alfresco ldap.synchronization.userLastNameAttributeName=sn # The attribute on person objects in LDAP to map to the email property in Alfresco ldap.synchronization.userEmailAttributeName=mail # The attribute on person objects in LDAP to map to the organizational id property in Alfresco ldap.synchronization.userOrganizationalIdAttributeName=o # The default home folder provider to use for people created via LDAP import ldap.synchronization.defaultHomeFolderProvider=largeHomeFolderProvider # The attribute on LDAP group objects to map to the authority name property in Alfresco ldap.synchronization.groupIdAttributeName=cn # The attribute on LDAP group objects to map to the authority display name property in Alfresco ldap.synchronization.groupDisplayNameAttributeName=description # The group type in LDAP ldap.synchronization.groupType=groupOfNames # The person type in LDAP ldap.synchronization.personType=inetOrgPerson # The attribute in LDAP on group objects that defines the DN for its members ldap.synchronization.groupMemberAttributeName=member # If true progress estimation is enabled. When enabled, the user query has to be run twice in order to count entries. ldap.synchronization.enableProgressEstimation=true # Requests timeout, in miliseconds, use 0 for none (default) ldap.authentication.java.naming.read.timeout=0

Source:
https://forums.alfresco.com/forum/installation-upgrades-configuration-integration/authentication-ldap-sso/ldap-authentication-7

Alfresco in a Perth Summer
Date Created: December 1, 2015  Date Modified: December 1, 2015

Alfresco was never my fav or most used EDMS (TRIM, and SharePoint are by far the most used), but a new contract has me developing with this system again and there are quite a few changes between the last version I worked with to this one–5.0.d.

Nobody wants to have to remember 2 different logins for their business processes, so LDAP to AD was the primary goal to kick. PhpLDAPAdmin made this easier, its like PhpMyAdmin, but not for MySQL–its for LDAP!.

Another help in this was the following blog post:
http://geofoss.net/2015/07/10/alfresco-5-0-ldap-authentication/

GreenScreen Updates
Date Created: January 17, 2013  Date Modified: January 27, 2013

the GreenScreen child theme I made for this blog has been updated and the project is now hosted on github. The repository with the CSS and lack of release notes can be easily found.

The theme now supports Disqus comments and is almost ready for live deployment.

UPDATE 27.1.13: I have added the github commits RSS to the right hand widget area on this and the plugin page…

An AGLC3 Plugin
Date Created: October 6, 2012  Date Modified: October 8, 2012

I decided after posting my first LAW150 assignment I realised that lawyers dont really hate HTML, its just too much effort to manually code tags or worse still paste MS Word generated HTML into most web text areas.

A simple solution would be to hack the CSS and add things like Act classes, but that would be out of the scope for some legal bloggers who have to dedicate more time to legal research than learning how to CSS.

It was pointed out early on that one could use the “i” button, well that puts text in <em> tags, which for Accessibility, is not appropriate.

A BETTER solution would be to create a simple WordPress plugin that adds the functionality without having to manually edit any CSS files.

To use this with the shortcode, simply place the square brackets around the [ Act ] Name of the Act [ /Act ] 2001. Im currently working on shortcodes for Australian jurisdictions to make it even easier for those “dumb lawyers” 🙂

This is still in BETA, as I just started this on a rainy Sunday morning; I aim to create a short code for this to simplify it even more, but for now its in a testing stage.

UPDATE: Now prints 12pt Times, but I dont use printers so I cant test it (too many years not printing things @DEC)

Update and revert
Date Created: August 20, 2012  Date Modified: May 12, 2013

I decided that my customisations to the twentyeleven theme were getting a bit unmanageable and my timeline for putting the CSS together in a child theme is running out. Back to square one, goodbye funky CSS3 styles (they will be back). I will have a new theme coming in the new year, but for now its OOTB wordpress.

UPDATE 13-5-2013: Well it’s certainly into the new year and I have been doing a bit of site maintenance, so Im linking any posts mentioning an earlier theme to the GreenScreen Theme page.

WordPress 3.4
Date Created: June 14, 2012  Date Modified: January 21, 2013

Just upgraded wordpress to this blog, and in typical wordpress efficiancy it updated without a hitch. Im not a big fan of the theme editor, but I see it adding value to the brand. Im not going to rag on about it, I’ll just let their promotional video do that:

UPDATE 21.1.13:Since this is random edit your blog day I had decided to centre the vid in a div… Such an exciting life

DEC Education Portal
Date Created: April 3, 2012  Date Modified: May 2, 2012

I just recently worked on the DEC education portal, which was to conglomerate the handfull of community education sites; Ribbons of Blue, Airwatch and WasteWise, into one web portal. Some irony here that would be missed by most readers (Discourse of Deranged readers may remember!), that is Ribbons of Blue being a Swan River Trust initative, SRT being a former employer of mine–and when I was employed by the Trust, I was not allowed to work on their site.

UPDATE: this is the view from my office:

A view money just cant buy

and to give you an example of how close to the foreshore Cygnet Hall is:

Closer to the foreshore than Swan River Trust!

http://education.dec.wa.gov.au/

WordPress 3.3
Date Created: December 12, 2011  Date Modified: May 2, 2012

Well I said I was going to refrain from blogging while Im on contract to DEC, but a new version of WordPress is worth a mention on here–since this site is powered by WordPress. Lets hope all my plugins work as I chose not to run with the Beta on this site..

http://wordpress.org/news/2011/12/sonny/

[VIDEO] The CMS Rap…
Date Created: November 20, 2011  Date Modified: May 2, 2012

I was sent this a while ago but didnt click the link till today… This guy is the Biggie Smalls of WebRappers!–bigger than Heavy-D and his boys.

http://youtu.be/Zw-oflFWiR8

Joomla! as an intranet?: YES WE CAN!
Date Created: October 24, 2011  Date Modified: November 22, 2011

I was approached a few weeks ago by the Equal Opportunity Commission to build a Joomla powered Intranet–at first I had apprehensions: Joomla is not the greatest of CMS software for this application, and all government departments are running MOSS2010, so It would be simple logic to go with SharePoint for the intranet too?

Adding to the complexity of this project it was also suggested that the Joomla run on a WAMP stack–but with the server being SBS2003 I decided to put it together thru IIS instead of go and install Apache on a system that didnt require it.

The system installed without a hitch–its not the first time I have put together a J! on IIS, but its the first time I did so for an intranet. Hopefully this makes business run a bit smother down there at EOC.

Drupal 7 Release
Date Created: October 6, 2011  Date Modified: October 26, 2011

Im going to be spending an all nighter in Drupal sandbox getting ready for the release. Hopefully I can get something cool together for opening night. But for now the sandbox is fairly inconspicuous.. Below is a promo vid from team drupal that will no doubt be tweeted a million trillion times between now and Saturday morning:

If you are interested in upgrading to the new version, then join the party!

EDIT: Changes for version 7 can be found on the following page at drupal.org

This rant was posted in CMS, Drupal, Media, Video, Web, Web Design, Web Development on by .

Horses for Courses
Date Created: October 5, 2011  Date Modified: October 5, 2011

How can I say to someone that I dont put my clients in Joomla baceause its no a suitable product for what they want from their web?? Joomla is a pig of a thing and its only by a cruel twist of fate that I had to develop with it.

Now Im not saying Joomla is a bad product, it has its uses, but Content Management Systems should suit the type of site they are deployed for. I have a Joomla sub-domain I use as a sandbox for testing and development, because Im still happy to work with the product in a suitable environment. But for a multi-user site that has a mid to high traffic flow–Joomla just does not cut it.

I put a university in a CMS–and it was an enterprise level product that could handle the volume of traffic such an institution, Squiz Matrix in this example, and there are other enterprise level CMS software that can perform in such an environment.

Content Management is Horses for Courses, the last thing you need is a pig in the race.

I dont think so
Date Created: October 2, 2011  Date Modified: January 7, 2013

Had an interview at a local design agency, one that actually does design. I dont think I will be the successful candidate, as I made two cardinal sins in the design field.

First off was calling Mac’s evil empire machines, yes I have a bias against Apple, but one must never let opinion override professionalism.

The second, wich ties in with the first a little was that I mentioned flash, the rule here is: dont bring up old technology. Sure flash is still used, but its no longer held in the same regard as it once was. I tnink if I can overcome my own perzonal bias I will have no trouble securing the next placement.