K2 Trusted LDAP User Manager

When using K2 Trusted LDAP User Manager with LDAP servers that comply with LDAP v3 but aren't Windows-based, you might encounter a specific issue with the "manager" attribute:

  • User searches can fail: If the "manager" attribute isn't mapped correctly or doesn't exist on the LDAP server, user searches might unexpectedly fail. This behavior is different from other non-mapped or non-existent attributes, which typically don't cause search failures.

To address this issue, follow these steps:

  1. Check for a matching attribute: Verify if the LDAP server has an attribute that corresponds to the "manager" attribute in K2.

  2. Map the attribute correctly: If a matching attribute exists, ensure it's mapped accurately in the K2 configuration. Here's an example of a correct mapping:

    XML
    <K2LdapMapping K2Name="Manager" FullOnly="true" LdapName="manager" ObjectType="System.String" SearchQuery="(&amp;(objectClass=Person)(objectCategory=User))" SearchResultProperty="samAccountName" />

  3. Remove the mapping if necessary: If the LDAP server doesn't have a matching attribute, remove the "manager" mapping from the K2 configuration. This prevents the "object does not exist" error from occurring.

By following these steps, you can ensure that user searches function as expected when using K2 Trusted LDAP User Manager with non-Windows LDAP v3 compliant servers.

Comments

Post a Comment

Popular posts from this blog

Blocking Error during K2 5.6 Server migration

  Error Encountered: Error during K2 5.6 migration to a new machine, keeping the SQL server unchanged. Error message:                       20:49:59:>> Certificates.FindCertificate: Found 1 certificates                       20:49:59:>> RegisterShard.Execute: Adding additonal connection string parameters to config service shard                       20:49:59:>> AdditionalConnectionStringParameters.AmendSQLConnectionString: Additional connection string parameter value: empty                       20:49:59:>> AdditionalConnectionStringParameters.AmendSQLConnectionString: Additional ConnectionString Parameters is empty                       20:50:04:>> AnalyzableAction.PopulateValidate...
Read more

Client Credentials flow with K2 Cloud with Odata, Workflow REST or SCIM

Image
This guide outlines the steps to using the Client Credentials Flow for accessing Nintex K2 Cloud's OData, Workflow REST, or SCIM APIs. Before you begin: Ensure your environment is eligible for Client Credentials Flow by contacting Nintex support ( https://customer.nintex.com/cases/Pages/default.aspx ). Have a SHA256 hash of the client secret of your choosing ready. Steps: Onboarding: Open a support ticket with Nintex requesting the onboarding of the Client Credentials Flow for your environment. Provide the SHA256 hash of your the client secret. https://help.nintex.com/en-US/k2cloud/userguide/current/Content/IdProviders/ClientCredentials.htm You can Generate the secret hash from a Client Secret value in a .NET console application. The onboarding team does not need the actual secret value, only the hash of it. Use the following steps and code example to generate the hash: Add the  IdentityModel  NuGet package. Add the  IdentityModel  library reference in the ...
Read more

Blocking error RegisterServiceInstanceObjects when upgrading to K2 5.6/5.7

K2 5.7 Upgrade Error: Blocking Issue with Orphaned Service Instances Error Message:             07:30:39:>> AuthorizationBase.RegisterServiceInstanceObjects: Current ServiceType and ServiceInstance details: ServiceType.Guid = GUIDValue1. ServiceInstance.Guid = GUIDValue2 . ServiceInstance.Name = ServiceInstanceName             07:30:39:>> ConnectionHelper.GetServerInstance: Create 'AuthorizationClient' instance using ConnectionContext             07:30:39:>> AuthorizationBase.RegisterObject: Validate Parent             07:30:39:>> AuthorizationBase.Execute: Logged Error: Failed: System.Exception: Item 'GUIDValue1' does not exist    at SourceCode.Install.Package.Actions.Authorization.AuthorizationBase.RegisterObject(String name, Guid id, Guid parentID, Guid classID, String className, Boolean inherit, Boolean propagate, IIdentityReferenc...
Read more