<{{Subtitle_Weight}} class="prominent-subhead {{Show_Subtitle}}"> {{Header_Subtitle}}

How to register a security label in K2

This article has been archived, and/or refers to legacy products, components or features. The content in this article is offered "as is" and will no longer be updated. Archived content is provided for reference purposes only. This content does not infer that the product, component or feature is supported, or that the product, component or feature will continue to function as described herein.


K2 blackpearl as an installation prerequisite requires a user manager to be installed and available. Active Directory is the supported user manager, and once installed Active Directory is the default user manager. This article describes the steps required to reconfigure a K2 blackpearl installation to use K2SQLUM. 

Note: K2 blackpearl supports using multiple security providers, and K2 blackpearl can be reconfigured to use an alternate user manager either K2SQLUM or a custom user manager. When installing however, AD or K2SQLUM must be used initially.

Registering the Security Label

To facilitate the secondary or alternate Security Provider the security label representing the provider must be registered within the database.  See the instructions below on how to register the K2SQLUM.

  1. Open SQL Server 2008 Management Studio
  2. Expand the Server Instance node as follows [Server Name] > Database > K2 HostServer > Tables > dbo.SecurityLabels
  3. Right click and select Script Table as > Insert To > New Query Editor Window
  4. To register the security label:
    • If the SQLUM label is being registered then, in the Values Section, paste the following script Execute the SQL Script  but before this is done verify the following, [SQLSERVERNAME] represents the name of the SQL Server and must be replaced with the name of the local SQL Server
    • '8e8d5221-ee89-4cd7-99da-fcfcdf64abdb',
      '<AuthInit><init>[SQLSERVERNAME],K2SQLUM</init><login/><implementation assembly="SQLUM, Version=, Culture=neutral, PublicKeyToken=16a2c5aaaa1b130d"
      '<roleprovider><init>[SQLSERVERNAME], K2SQLUM</init><login/><implementation assembly ="SQLUM, Version=, Culture=neutral, PublicKeyToken=16a2c5aaaa1b130d" type ="SQLUM.K2UserManager"/></roleprovider>',
  5. If a custom User Manager is going to be used, then the procedure is the same, however the details required to register the security label differ.  To edit the variable press CTRL + SHIFT + M and the following dialog will appear.  Enter the variables accordingly

  7. Provided the execution was without error, 1 row will be affected. 
  8. A K2 Host Server restart is required after executing the above query. After the restart the K2SQLUM node will be visible in the K2 Object Browser.
  9. Important: The above procedure can be repeated to insert other labels; however it must be edited to ensure that there are no conflicts with the unique identifiers used by K2SQLUM.

    K2 Designer for Studio

    Once the script has been run, the new Security Label is visible from the K2 Object Browser > Users, or Groups as seen in the image below.