Searching for Users, only return users from the primary domain configured

  • 16 February 2021
  • 0 replies
  • 20 views
MillaZ
Userlevel 5
Badge +20
 

Searching for users in a multi-domain configuration with the 'Contains' type only return users from the primary domain

kbt134191

PRODUCT
K2 blackpearl 4.7
K2 smartforms 4.7
BASED ON
K2 blackpearl 4.7
This article was created in response to a support issue logged with K2. The content may include typographical errors and may be revised at any time without notice. This article is not considered official documentation for K2 software and is provided "as is" with no warranties.
LEGACY/ARCHIVED CONTENT
This article has been archived, and/or refers to legacy products, components or features. The content in this article is offered "as is" and will no longer be updated. Archived content is provided for reference purposes only. This content does not infer that the product, component or feature is supported, or that the product, component or feature will continue to function as described herein.

Issue

K2 was configured for multi-domain via the K2 Management site:

K2 Management > Users > K2 > Domains

 

But searching for users via the K2 Management site to assign server rights / process rights, only return users from the primary domain.

Symptoms

- Searching for users using the 'Contains' type only returns users from the primary domain

- Searching for users using 'Starts with'/'Equal to' does return the user successfully

- Executing the UMUser SmartObject > Get User Details does return information for users from all domains configured

- A bug was discovered when adding additional domains via the K2 Management site, the 'MultiDomain' attribute in the [RoleInit] column for the K2 security label does not get set to 'true.' This causes the 'Contains' filter to only return results from the primary domain.

 

 

<roleprovider>
<init>ADCache=0;LDAPPath=LDAP://DC=DENALLIX,DC=COM;ResolveNestedGroups=False;

IgnoreForeignPrincipals=False;IgnoreUserGroups=False;MultiDomain=false;

OnlyUseSecurityGroups=False;LogLevel=Error;LogSize=0;DataSources=&lt;DataSources&gt;

&lt;DataSource Path="LDAP://DC=DENALLIX,DC=COM" NetBiosName="DENALLIX" /&gt;
&lt;/DataSources&gt;</init>
<login />
<implementation assembly="ADUM, Version=4.0.0.0, Culture=neutral, PublicKeyToken=16a2c5aaaa1b130d" type="ADUM.K2UserManager2" />
<properties>
<user>
<property name="Name" type="System.String" />
<property name="Description" type="System.String" />
<property name="Email" type="System.String" />
<property name="Manager" type="System.String" />
<property name="SipAccount" type="System.String" />
<property name="ObjectSID" type="System.String" />
<property name="DisplayName" type="System.String" />
<property name="CommonName" type="System.String" />
<property name="UserPrincipalName" type="System.String" />
</user>
<group>
<property name="Name" type="System.String" />
<property name="Description" type="System.String" />
<property name="Email" type="System.String" />
</group>
</properties>
</roleprovider>

 

Resolution

1. This attribute can be updated in the K2 database with an update statement.  Please create a backup before doing so.

 

UPDATE [HostServer].[SecurityLabel]
SET [RoleInit] = REPLACE(CAST([RoleInit] as nvarchar(max)), 'MultiDomain=False', 'MultiDomain=True')
WHERE SecurityLabelName = 'K2'

 

2. Alternatively, delete one of the additional domain configurations and re-add it via the K2 Workspace site. This will set the 'Multidomain' attribute to 'true':

 

K2 Workspace > Management Console > [Server:Port] > User Managers > K2 > Domains

Check out these Nintex University Learning paths: https://community.nintex.com/p/NintexUniversity

0 replies

Be the first to reply!

Reply


View our Community Site Map

Nintex Community Sitemap
Terms & ConditionsCookie settings