This article was created in response to a support issue logged with K2. The content may include typographical errors and may be revised at any time without notice This article is not considered official documentation for K2 software and is provided “as is” with no warranties.


After we added new users from new domains these specific users were not being resolved after the identity cache has refreshed.


The users were part of multiple domains and these domains were part of the role in it and the domains all had a two-way trust. These users could also be resolved via the AD and UMuser smo's but only after manually refreshing each user. We noticed the following errors in the ADUM logs for these specific users when the K2 cache refreshed after 8 hours:

"2017-06-28 15:58:48::588", "Error", "ResolveNestedGroups", "Failed to translate name: Domain\Group", " at SourceCode.Security.ADManager.Secur32.TranslateNameToDN(String name) at SourceCode.Security.ADManager.K2UserManager2.ResolveNestedGroups(String name, ArrayList& parentGroupCollection)", "Additional Information: ", "ResolveNestedGroups(Domain\Group)"

The issue was due to how we resolve nested groups when users are part of groups from multiple domains.


Please contact K2 support and request the codefix for this.