This article was created in response to a support issue logged with K2. The content may include typographical errors and may be revised at any time without notice This article is not considered official documentation for K2 software and is provided “as is” with no warranties.

Issue

When in the K2 Worklist control or the K2 for SharePoint Worklist Web part you will see that the default label used when redirecting tasks, sharing tasks, and setting out of office will always search on the K2 Security label. This causes your users to assign tasks to local on-premise accounts by default instead of the desired cloud Azure Active Directory accounts. This would have to be changed manually on each search, but we are looking for a way to do this automatically without the below steps for the user to swap the label drop-down:

Image

Image

Image

Image

Symptoms

  • We have seen a lot of tasks Shared or Redirected to wrong users.
  • Users are reporting that they have not been assigned a task.
  • Out of office are set to wrong the Users with K2 Label.
  • You are in a hybrid AAD and AD scenario.

Resolution

We can use the below workaround to have the AAD label be used as the default label on the worklist and K2 for SharePoint Worklist Web Part.

Workaround Steps:

This workaround requires a change to the default Out of the Box web.config. Please be aware of this when running repair, configure, or upgrading K2 as these changes to the web.config may be overwritten back to default. If any adverse affects are seen after making this change, please revert changes.

1. Edit the K2 SmartForms Runtime web.config file. This is usually located in the file locations below depending on your K2 version:

K2 4.7:
C:\Program Files (x86)\K2 blackpearl\K2 smartforms Runtime\Web.config

K2 Five:
C:\Program Files\K2\K2 smartforms Runtime\Web.config

2. Search for the below xml node in the web.config file:

<!--<add key="DefaultSecurityLabel" value="K2"/>-->

3. Remove the comment on the below key and changed it to be like so:

<add key="SecurityLabels" value="AAD"/>

4. Also change the following node as well from:

<!--<add key="SecurityLabels" value="K2;K2SQL"/>-->

To be:

<add key="SecurityLabels" value="AAD"/>

For more information on what these Keys do, refer to the following documentation:

https://help.k2.com/onlinehelp/k2five/icg/5.2/default.htm#configref/config-security.html

5. After changing the above xml save the web.config file.

6. Do an IIS reset on the K2 Server via elevated command prompt.

Now when you open the Worklist control on a SmartForm on Share, Redirect, Out of Office, the AAD label will be selected by default:

Image

This also reflects on the K2 for SharePoint Web part as well:

Image