< class="prominent-subhead ">

Users not being resolved after identity cache refresh

This article was created in response to a support issue logged with K2. The content may include typographical errors and may be revised at any time without notice. This article is not considered official documentation for K2 software and is provided "as is" with no warranties.
This article has been archived, and/or refers to legacy products, components or features. The content in this article is offered "as is" and will no longer be updated. Archived content is provided for reference purposes only. This content does not infer that the product, component or feature is supported, or that the product, component or feature will continue to function as described herein.


After we added new users from new domains these specific users were not being resolved after the identity cache has refreshed.


The users were part of multiple domains and these domains were part of the role in it and the domains all had a two-way trust. These users could also be resolved via the AD and UMuser smo's but only after manually refreshing each user. We noticed the following errors in the ADUM logs for these specific users when the K2 cache refreshed after 8 hours:

"2017-06-28 15:58:48::588", "Error", "ResolveNestedGroups", "Failed to translate name: Domain\Group", " at SourceCode.Security.ADManager.Secur32.TranslateNameToDN(String name) at SourceCode.Security.ADManager.K2UserManager2.ResolveNestedGroups(String name, ArrayList& parentGroupCollection)", "Additional Information: ", "ResolveNestedGroups(Domain\Group)"

The issue was due to how we resolve nested groups when users are part of groups from multiple domains.


Please contact K2 support and request the codefix for this.