A Content Management System

Unifying Authentication with freeRADIUS - Part I

Wednesday, March 4, 2009 by Dereck Martin

How does one unify authentication for various technologies across a mixed operating system environment and deploy it transparently to users?

Well, I have decided to use freeRADIUS as the entry point for our roaming wireless and vpn authentication. freeRADIUS then passes the credentials on to Active Directory for authentication. In this part, I will be focusing on getting the box authenticating against Active Directory and the installation of freeRADIUS.

In order for this to work, a Linux box needs to be setup with samba and winbind to work nicely with Active Directory. If you are experienced with this setup, it can be done in as little as 30 minutes.

I have a basic configuration file for samba that should work with a Windows 2003 Active Directory domain for nearly anyone.

 [global]
        security = ads
        netbios name = server01
        server string = server01
        workgroup = DOMAIN
        realm = DOMAIN.COM          # ip of active directory server
        password server = x.x.x.x

        idmap uid = 10000-29999
        idmap gid = 10000-29999

        winbind separator = +
        winbind enum users = yes
        winbind enum groups = yes
        winbind use default domain = yes
         # You will need to create /home/DOMAIN if you plan to allow                   # user to log-in, and setup pam.d stuff
        template homedir = /home/%D/%U
        template shell = /bin/bash 
        client use spnego = yes
        domain master = no
         # ip of wins server
        wins server = x.x.x.x 
        encrypt passwords = yes
        server signing = auto
        name resolve order = wins host bcast

There is also a krb5.conf file that needs to be edited as well.

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 default_realm = DOMAIN.COM
 dns_lookup_realm = true
 dns_lookup_kdc = true
 ticket_lifetime = 24h
 forwardable = yes

[realms]
 DOMAIN.COM = {
  kdc = x.x.x.x:88
 }

[domain_realm]
 .dnsdomain.DOMAIN.COM = DOMAIN.COM
 DOMAIN.COM = DOMAIN.COM

[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
 }

You will also need to setup /etc/nsswitch.conf as well.


passwd:     files winbind
shadow:     files winbind
group:      files winbind
protocols:  files winbind
services:   files winbind
netgroup:   files winbind
automount:  files winbind

After these three files are setup and tuned to your environment, then start the samba service with /etc/init.d/smb start.

HINT: make sure time is synced within 5mins of the Active Directory server or things tend to break.

The only thing left to do is join the box to the domain. The command below should be sufficient to do this. You will need to make sure this machine has a static ip address, and it should have a A record and ptr record in DNS for the hostname of the box. If not, Active Directory may complain about it with a cryptic error message.

#~> net join -U Administrator

Once that is complete and there are no errors, start winbind. On some Linux distributions the winbind init script is apart of the samba init script (like Gentoo).

#~> /etc/init.d/winbind

You should be able to do a wbinfo and get something like below:

#~> wbinfo -a username%password
plaintext password authentication succeeded
challenge/response password authentication succeeded

After this is working, then its time to install freeRADIUS. I would heavily recommend installing from your distribution's package management system. This is a common application, and should be available for the big distributions.

There is one thing that will need to be done in order to get freeRADIUS to work nicely with winbind. If this is not done, then radius will not work right.

#~> cd /var/cache/samba/winbindd_privileged/
#~> setfacl -m u:radiusd:rx winbindd_privileged

Note: on some distributions, "acl" needs to be added to /etc/fstab. ACL options for the file system type need to be included in the kernel configuration. On systems like CentOS and OpenSuSE this shouldn't be a problem.

In the next part coming soon. I will discuss how to configure radius for EAP/PEAP authentication for wireless networks.

Online Business Blog

Tuesday, December 23, 2008 by Jason Gergely

When I hear the phrase "Online Business Blog" I think of a kind of journal that business professionals use to accomplish several different things. First, they do this to get the word out better about their company, what it has to offer, and how it can benefit you. Secondly, these business professionals are trying to express their feelings on your company. It can be a kind of like a journal but can be seen by anyone that wants to see. By allowing these employees to write posts, they can express themselves about the company and their job, and of course, since there is a content manager, the information put on your company website, will for sure be within your (or your administrator's) control.

Because an it is online, your blog MUST be attached to your company website. What good would a it do if it were not even attached to your website? It is completely ineffective if you don't. By attaching your blog to your website, you are helping with an easy transition from information search to sale of product or service. Basically what I am saying is LINK YOUR BLOG AND YOUR WEBSITE TOGETHER!

If you want to get more information on blogs for employees, look at Compendium's website. You can get information on the service as well as examples of how to set it up!

Subdomain vs Subdirectory: Which is better for SEO?

Wednesday, December 17, 2008 by Douglas Karr

This is a follow-up to my first post on Why host on a subdomain versus a subdirectory.

Matt Cutts of Google has some interesting feedback on this, and promotes the use of a subdirectory due to the complexities involved in subdomain configuration. I believe that when you're blogging for business and tracking conversions, the advantages of a subdomain become a bit clearer.

Organizing subdomains used to be difficult but is now pretty mainstream in hosting administration panels.
Utilizing subdomains opens you up to utilize third party Software as a Service applications that are best suited to do the job. Delegating your email subdomain to an email service provider, for example, is a great way to monitor and maintain your email reputation.
A subdomain can be pointed anywhere, internally or externally, providing you a lot more flexibility in moving your blog between providers or changing your website's content management system, etc. without impacting each.
Most importantly, utilization of a subdomain allows you to control, monitor and adjust your corporate blogging strategy seperate than your other marketing initiatives.

If you start a business blog, I still believe that hosting the blog on a subdomain is a best practice.

CMS Systems

Thursday, December 11, 2008 by Jason Gergely

CMS stands for Content Management System. What a CMS system does it manages content by collaborating data. It eases the management of data. We can use them to create, manage, edit as well as publish content, such as blogs. A CMS can help organize your data, and keep track of your posts.

Some company websites use this type of system to help organize their website. For instance, a company has their main website, and then has subpages under this umbrella. What it does it gives the specific departments a free range of adding information, while maintaining a similar look across the entire website.

It makes it easier in the long run for designing websites. If the website has a small error or something that needs to be changed, you don't have to go back to the web designer because you can do it yourself

Content is the New Way to Market

Thursday, December 11, 2008 by Kristen Raves

With so many advertisements being shoved down our throats every day, businesses are finding new and innovative ways to market their products and services. Pop up banners, newspaper ads, and Pay Per Click advertising just does not work the same way it used to. Marketing through blogging is a common way for the average customer to find you and purchase your products and/or services.

The common consumer just ignores those flashy ads. People are so bombarded with these tactics that it means nothing to them. By having a blog content management system such as Compendium Blogware, everyone in your organization can share their thoughts and opinions. From the CEO to a customer service representative, it is important that these individuals are writing about what it is that their organization has to offer.

By having a platform to share these ideas, it makes it easier for your company to be found in the search engines. Let's face it, not as many people actually click on those paid searches anymore. So why not market in the organic search results? Most companies are worried about how they are going to market in this tough economy. To that we say, blog. It is a cost efficient and easy way to promote your company in its best light. It gives you the ability to write content that focuses on what your company does and the solutions that you can provide to your potential customers.

Protecting the Data is a Priority

Sunday, November 30, 2008 by P.J. Hinton

Erich Schonfeld has a post at Tech Crunch about how Facebook recently experienced a data loss that resulted in evaporation of its user's e-mail notification preferences. He takes comfort in the fact that it was a loss that should provide only a minor, and short-lived, annoyance to users, but he also notes that had the preference been something that regarded privacy settings, the results could have been much worse.

As a developer, I have an idea of what might have happened in the data loss. I wouldn't want to be the person who was responsible for the data loss. It's good that we see these stories because it's a sobering reminder of the dangers of working with live data.

Almost every web-based application has to persist data. Facebook stores profile information in addition to preferences. E-mail services store messages and the preferences that govern the behavior of the application's user interface. Content management applications (blogs included) store posts, comments, and page layout information.

Usually this data goes into a relational database management system (RDBMS) like MySQL, MS SQL Server, or Oracle. But performance issues have led some to question the database design best practices that have been in use over the past two or three decades. Others have one so far as to speculate that RDBMSes may be so ill suited to some data persistence uses that one should consider using something else.

Regardless, the data you submit to a web application gets poked into some means of persistence, and then later on it is read by the application for generating pages (like this blog post) or making a decision (like whether to notify an administrator immediately when a blog post has been submitted for approval).

The world is neither perfect nor static. Sometimes a bug in an application can result in the creation of bogus database entries. It's not enough to stop the application from doing that again, it's also important to determine if the damaged data can be repaired. If the damage is on the order of hundreds or thousands of items, a script may need to be created to repair the damage.

Here is where things can get dangerous. Repair scripts sometimes need to make destructive changes (i.e. SQL DELETE statements) to a table. It is very important for the script's author to have an understanding not only of the table being modified but also any quirks in the semantics of column entries.

For example, rows created early in the application's history may not have stored ID values for certain types of entries. When these things are not taken into account, a repair script may inadvertently delete rows that may not be valid in current application usage but are still essential pieces of data.

When things like this happen it's not always obvious that something has gone wrong in the application. For the most part things may work fine, but then all of the sudden people notice that information on certain pages is missing.

Times like this, it's nice to have a backup of the database from which to restore the lost data. My guess is that the Facebook development team decided that the loss was not severe enough to perform the recovery. On the other hand, if the decision was based on the lack of a recent backup to restore from, then shame on them.

Here at Compendium, we devoted a code review a couple months back to developing some standards and best practices for writing database repair and maintenance scripts. This helped us to move from an ad hoc patchwork of scripting styles to a more consistent, reliable, and reusable body of code. Some of the guidelines that emerged from those discussions:

Proposed database schema changes should be vetted by all members of the engineering team. Once agreed upon, the system engineering team needs to be notified of these changes so that backup scripts can be adjusted.
Environment settings (e.g. production or development) should be specifiable from the script's command line arguments and then determined programmatically by the framework if not specified there. There should be no hard coding of these values.
If there are model classes or data access objects that can be used to manipulate the data, the script should use these rather than using hand crafted SQL strings.
One-time use scripts should be named after the work item number that they were created for. Multiple use scripts should be flexible to handle a wide number of use situations, named for the tasks they perform.
All repair and maintenance scripts should be placed under revision control.

These guidelines help us to ensure that when things need to be fixed or reconfigured, they are done with minimal risk to the data.

What is this CMS thingy?

Wednesday, October 29, 2008 by Jason Gergely

CMS stands for Content Management System. A Content Management System simply put is used to manage content in a collaborative manner. It is used to create, manage, edit, and publish content while making it easy to manage and organize. High schools use it so that each department is able to design its own specific web page under the umbrella of the school website. What it does it gives the specific departments a free range of adding information, while maintaining a similar look across the entire website. It makes it easier in the long run for designing websites. If the website has a small error or something that needs to be changed, you don't have to go back to the web designer because you can do it yourself.

Are your Business Blogs Invisible?

Tuesday, October 28, 2008 by Chris Baggott

Invisibility is a dream of many....BUT NOT A GOAL OF MARKETERS!

A content management system or Blog Building Software is useless if it makes you invisible to the people searching for your business.

Basic Blog Software is usually pretty good at helping a business target one or even a few keywords. The problem of course is that most business bloggers (or marketers) want to target hundreds or thousands of keywords, not one or two...or even 10.

By definition, that means organizations need to have multi user blog software and blogging technologies that scale beyond what one can get out of software designed for citizen journalism and focused on the ROI associated with SEO and lowering the cost of customer acquisition.

I know this sounds self serving but I started Compendium Blogware because there was no other solution of business blogging on the market that would help me accomplish my goals. I don't want to be invisible.....and neither do you!

Business Blogging Made Simple

Thursday, October 23, 2008 by Douglas Karr

Compendium has not simply designed our user administration interface with simplicity, we've extended that simplicity out to our standard template. During the sales and implementation cycles, we're often asked to mimic a complex web design, or customize the interface with lots of 'stuff' per other Blog CMS platforms.

We push back... hard.

The templating system we utilize is open and 100% CSS driven so that anything is possible. The problem is that anything is not the thing that will drive results to your business.

The value of blogging is simple from an SEO standpoint:

People search.
Search engines provide the relevant answer.
People read the answer.
Some people engage further.

There are quite a few articles and a couple of books on maximizing conversion rates and landing page optimization. All of them agree:

Show the relevant content that people were looking for.
Provide a compelling call to action for the person to engage your business future.

Sidebar widgets and gadgets and other information are diversions from the task at hand. They clog the interface, divert attention from the answer, and confuse the person's next step.

Here's an example from fellow blogger, John Chow:

John's page has no less than 50 calls to action (text and image ads) on it. Why? John's page is not a corporate blog, it's a blog to make money off of corporate sponsorships and advertising revenue. Other than to buy ad space, the purpose of the site is to make money from folks hitting ads.

The way to ensure this happens is to place ads everywhere you can find real estate. It's a great blog and it works at driving advertising revenue to John. John also does NOT rely on search engine traffic for acquisition. In fact, I believe Google dropped him from the index a while ago.

Here's an example from Compendium Blogware's Business Blog:

Our focus is not that of a content management system nor of the off the shelf blogging software. We designed our system + our standard template + our call to action strategy to drive business results from search back to your company. It’s a proven force already in the industry. Extraneous features are a diversion and will significantly reduce the conversion rates of those people who land on your blog.

We absolutely want to cross-promote your site – where you can have all of the gadgets and widgets you'd like (and hopefully information in a neatly organized, easy to find, and attractive interface). However, on your blog, it’s going to hurt your investment.

A minimalist approach is the best approach – with distinctive call to action(s) that leave nothing to the imagination for organic searchers who land there. I would add that we’ve proven this methodology by drinking our own Kool Aid!

Additional Resources on Optimized Landing Pages and Maximizing Conversions:

SEOmoz - Simple Strategies for better conversion rates
BtoB - Landing Page Optimization
Jonathan Mendez - How Simplicity, Recognition&The "Perception of Ease" Impact Landing Page Optimization
Search Marketing Standard - Five Factors for Landing Page Optimization
Conversation Marketing - 14 Landing Page Upgrades
Marketing Experiments Journal - Landing Page Optimization Tested

Books on the Topic:

Corporate Blogging from another voice.

Friday, July 25, 2008 by Sarah Sedberry

Douglas Karr touched on a topic near and dear to our hearts here at Compendium Blogware in his post yesterday: Blogging for Business: New Tricks for Old Dogs.

Douglas does a great job breaking down how blogs are emerging as a marketing source for companies.

He addresses the pitfalls businesses are falling into, such as:

Dull conversations aren’t attracting readers
Business blogs turn into regurgitated press releases.
The topics don’t spark comments or trackbacks.
The posts lack personality and thought leadership.

"In short, the reason why business blogs are failing are because corporations are substituting a blogging application for their content management system."

At Compendium Blogware we help focus your posts and give you the tools to help make your corporate blog successful. We stress blogging for a purpose and assist in creating a strategy with your business to get a return on your investment.

Douglas also touches on what they can do to ensure success.

"Gaining authority and search engine results"
           - This is part of the package with Compendium - our expertise in SEO"

"Implementing a blogging platform that guides the blogger effortlessly through the posting process"
         - Our platform allows the user to easily create and post content, provides a                 list of keywords to focus on, and an indicator letting the blogger know                     how strong their post is.

"Blogging is a not an overnight success. Great blogging results require momentum and constant analysis and improvement."
           - Our Client Success Team is here to provide support and guidance                             regarding content ideas, best practices, tips and tricks to keep the                         process simple and stress-free.

Another feature of our platform is that there is an administrative layer that monitors the content that ends up published.

These are all reasons why Compendium Blogware can be the best answer for any business looking to begin a corporate blog.

(Also a thanks to Douglass for the plug!) :o)

The problem with using CMS for blogging

Thursday, January 3, 2008 by Ali Sales Roach

This blog is becoming a list of frequently asked client questions, but I think it’s appropriate to share our responses here.

CMS is a beautiful thing when it comes to websites, microsites, and landing pages. We all know the pain of asking “our web guy” (who cringes at that title) to change the color of a hyperlink. Or the positioning of a button. CMS is a powerful way to make quick updates and put some of the control in the hands of non-technical people just like me.

But problems arise when using CMS (content management systems) as a blogging tool. First of all, permissions can become a real issue with content management systems. Chris Baggott has a great story about the pain a “certain company” felt when they tried to use CMS for blogging. It worked fine until people actually started writing content, which had to be batched and sent to an administrator via email for approval, then modified, and finally entered into the CMS interface.

So guess what happened as a result of this process? Posts didn’t get approved in a timely manner, and because writers didn’t see their content, they lost a lot of enthusiasm and didn’t feel compelled to write all that much. Other problems included cost and scalability. There’s a good reason why CMS is still, for the most part, designed for only a few people to have access. Let more than a handful in, and not only does it become expensive, but everyone wants a say in how things look, feel, and read.

And speaking of look and feel, although CMS makes it possible to put blogs directly within the framework of your website, with the same look and feel and features and images, the beauty of the page may come at a high price. All of that fancy HTML and coding may make it difficult for Google and other search engines to get through to the heart of what you want them to find: your content. With a clean blogging platform, Google is able to easily scan the content through a clear lens and not get hung up on the excess “stuff.”

Blogging platforms like Compendium also have clear control and compliance features, user permissions, workflow rules, and are affordable when you want to have lots of people participating in content creation. That’s right, content creation, not content management. Look at the differences between those very phrases, and the light bulb will probably go off.

With a blogging solution, you’re able to give lots of people an outlet to create content, which is more powerful for your organization than management of content created by a few select people.

The reason why content creation by numerous people is so important all traces back to search engine optimization (SEO), acquisition, and personal relationships. What are your thoughts on CMS and blogging? What other pitfalls or benefits have I overlooked here? I’d love your feedback.

Blogging: The Next Disruptive Force?

Sunday, November 18, 2007 by Jenni Edwards

I have to admit I have never read much of Clayton Christensen's research or books ; but have always liked his theory of disruptive technology --- basically, a fancy word to say "a product or service that turns an industry upside down." Forbes recently ran an article about some of these "disruptive innovators" --- some examples, NetFlix, Google, Roomba, Skype...all changed the way people thought about an industry (movie rental, search, personal robotics & telecommunications; respectively). These innovations have taken down some industry giants (Blockbuster, AOL/Yahoo...etc.); I love most all of the Top Ten products that are featured in the slideshow here and am sure many of you also see the value of these products and services (who doesn't own or know someone who owns a I-Pod of some sort at this point?).

It is because all of these products solved a problem, much like blogging can do for an organization. While there is hype about businesses becoming involved with social networking (Facebook, Second Life...) it is hard for me to see where this solves a problem and produces a true ROI . While these may be good media outlets to run advertisements to a certain demographic, beyond that I don't see the business results (anyone disagree?). So what problems do blogging solutions solve? First, much like some of these other products it really levels the playing field --- in this case, within the search ranking arena--- no longer is it only those companies willing to spend thousands per week on pay per click (PPC) that are able to win search. Business blogging can do this for pennies on the dollar and a much higher return --- PPC is only getting about 1% of the clicks anyways.

What other problems can a blogging solution solve? Well, content management within an organization (being able to tap into your resources), improved customer relationships, better qualified leads (as they are able to disqualify themselves before moving forward with the ability to learn more through your blogs) and more. So much like NetFlix has solved my problem of constant late fees at the video store; blogging can save you and your business many of the headaches due to poor search rankings, poor communications and the misunderstandings that potential customers may have about your company.

Blogging Internally --- I'm Loving It

Monday, November 5, 2007 by Jenni Edwards

Lately I have received a lot of questions from potential clients about using our blogging solution internally as a secure communication method within their organization. Is this possible? YES! Blogging internally can be a great way to manage a lot of content, keep a living record of decisions made within groups and departments, discuss sensitive project information and more. Check out this great post from corporate communication guru Shell Holtz's Blog which does a good job of outlining the major uses and advantages of internal blogging. So if you are looking for a great internal, easy to use content management tool, consider blogging.

However, as big of fan as I am of internal blogs (Disney, DaimlerChrysler and McDonald's and many more have seen great ROI and success on their internal blogging initiatives); I would encourage any company that is considering internally blogging to take a step back and consider making external blogs a part of the communication plan as well --- acquiring customers (blogging for SEO) and communicating with customers is something that cannot be ignored by any communication or marketing team and blogging internally (exclusively) eliminates these benefits. More to come on this topic soon...seems to be an interesting decision within organizations: to blog internally, externally or both?

Blogging Is A Solution

Friday, October 26, 2007 by Jenni Edwards

Sometimes when talking to potential clients I get the impression that "they get it" --- they understand why blogging is important (SEO, conversational marketing, content management, etc.), why Compendium Blogware is different (Check out this post and this one too). Finally, the person realizes that their company absolutely needs to get started blogging sooner than later. However, you can hear the dread in their voice of "another thing I have to get done; another thing that I have to spend money on to stay competitive".

I think this is what doesn't always click --- that blogging is part of the solution to some of the common problems they are facing. Here are some ways that I see business blogging as a solution:

Blogging improves your organic search results; allowing you to reduce and eventually eliminate annoying and expensive PPC and other search engine optimization efforts.
Organization blogging allows for more direct interaction with potential and current customers; opening up a new invaluable communication channel and allows for this "conversational marketing" to take place.
A new (cheaper) medium than traditional print mailings and advertisements.
Compendium Blogware is easy to use --- it is a hosted solution with minimal IT involvement; the focus is on the content and organizing (done by the software) that content in the best possible way.
Blogging improves communication and understanding internal to the organization; increasing manager's awareness, employee satisfaction and reducing turnover (decreasing expensive recruiting and training costs).

These are just ones that I had on the top of my head --- I am sure there are more ways that blogging can save time and money and be part of the solution (any ideas??). The bottom line is that when you start to list the activities that can be reduced or eliminated through blogging and add up the cost savings (dare I add to the above list: decreasing internal and external e-mails?) you start to see blogging as a solution -- not another "to do" or expense.

Blogging for Business In the Wall Street Journal & Investors Business Daily

Tuesday, August 21, 2007 by Chris Baggott

IBD article on Blogging for Corporations and Business I wanted to give you a heads up on a couple of articles that came up in this weekend's Investors Business Daily and Monday's Wall Street Journal.

They basically say the same thing: Blogging is a fantastic tool for businesses. Among the obvious advantages easy content management and low cost, the most important advantage in both stories was the search engine optimization benefit.

The only downside in both stories was the hardware and software pain in getting set up and in managing the blogs....Problems that go away with Compendium's SaaS Blogging Software.

You can read the two articles here:

The Right Digital Touch Blogging for Business article in the IBD

Blog It And They May Come Article in the WSJ.

This is what Marketing Democracy is all about....blogging is agnostic. It doesn't matter how much money you have to be successful. With easy to use Blogging Software, any organization can be quickly leveraging the power of Blogging.