Domain users are unable to login to K2 sites using Windows Authentication. After three attempts, it leads to a 401 error.
Domain users who do not have administrator rights on the web server where the K2 site is hosted get this issue.
Please check the following items:
- A single provider is enabled.
- The application pool account is not a system account.
- The application pool account is a member of the IIS_IUSRS Group.
- The IIS_IUSRS group has Modify rights to the Windows\Temp directory.
- The following policies are granted to the Authenticated and Domain users on the web server:
Access this computer from the network
Log on as a batch
- The K2 Site URL is added in either Local Intranet or Trusted Sites under the Internet Options in IE.