This article was created in response to a support issue logged with K2. The content may include typographical errors and may be revised at any time without notice This article is not considered official documentation for K2 software and is provided “as is” with no warranties.

Objective

Specify credentials connecting to AD

Before You Begin

By default, the K2 service account is used to connect to other domains in a multi-domain environment. In situations wherein a separate account has to be used to query users or groups from other domains, you may specify the credentials on the corresponding entry in the [HostServer].[SecurityLabel] table inside the K2 database.

Updating entries in this table requires a K2 service restart for the changes applied to take effect. 

Incorrectly editing the K2 database can result in system instability or failure. Before making any database changes, it is strongly recommended to make a backup of your database. Database changes should only be performed by database administrators or users with sufficient knowledge and experience with SQL server to apply these changes correctly. If you need assistance with implementing these changes, please log a Support Ticket with K2 Product Support.

How-to Steps

On the RoleInit column of the K2 security label, you will see a DataSource configured for each of the domains configured in K2. For example, 

<roleprovider>
<init>ADCache=10;ResolveNestedGroups=False;IgnoreForeignPrincipals=False; IgnoreUserGroups=False;MultiDomain=True;
DataSources=&lt;DataSources&gt; &lt;
DataSource Path="LDAP://DC=DENALLIX,DC=COM" NetBiosName="DLX"/&gt; &lt;
DataSource Path="LDAP://DC=EXTERNALDOMAIN,DC=COM" NetBiosName="EXT"
/&gt; &lt;/DataSources&gt;
</init>
...
</roleprovider>

Adding the UserName and Password properties should allow K2 to connect to the domain under the context of this user's credentials:

DataSource Path="LDAP://DC=EXTERNALDOMAIN,DC=COM" NetBiosName="EXT" UserName="[username]" Password="[password]"

These properties are case-sensitive.