Skip to main content


 

Symptoms


Numerous errors in K2 host server for certain AD DS group:
64007 Provider did not return a result for K2:DOMAINGroup_Name

At the same time group is active in AD DS and can be added without any issues into SharePoint group or K2 role.
 

Diagnoses


Verify the name of the group in AD DS – it could be the case that it contains “/” symbol in group name which in K2 logs represented as “_” symbol. K2 unable to support this symbol in the group name and removal of this symbol from group name will resolve this issue.
Note that despite recent Microsoft AD DS implementations allow you to use “/” symbol as well as some other symbols, using “/” is not in compliance with RFC 2253/RFC 4514 LDAP standards. So it you aiming for maximum interoperability and compatibility with legacy software you should avoid using “/” in group names. Also it is not supported for pre-Windows 2000 systems.
Also these
Extracts from respective RFCs:
RFC 2253 “Lightweight Directory Access Protocol (v3): UTF-8 String Representation of Distinguished Names” (published 1997). UTF-8 string which is used as the string representation of the AttributeValue cannot contain the following characters which need escaping:
",", " ", """, "", "<", ">" or ""
In addition to that “_” cannot be used at the beginning of the string and “space” cannot be used at the end.
RFC 4514 “Lightweight Directory Access Protocol (LDAP): String Representation of Distinguished Names” (published 2006) also mentions the same symbols.
 

Resolution

To resolve this issue remove “/” symbol from AD DS group name.




 
Be the first to reply!

Reply