Symptoms
You may have a requirement to set K2 OOF settings for other users without having server-level administrator rights. For example it may be required to have dedicated workflow administrator (with process-level administrator rights) to manage K2 OOF settings from K2 SharePoint portal. Alternatively K2 Workspace interface can be considered as an option for the same task.
Unfortunately user which has process-level administrator rights unable to set OOF setting for other users.
Diagnoses
Server-level administrator rights are still required to manage other users’ OOF settings in 4.6.10 as reflected in product documentation:
http://help.k2.com/onlinehelp/k2blackpearl/userguide/current/webframe.html_in_sharepoint_process_portal.html
“A user with Administrative rights on the K2 Workflow Server will be a K2 Out Of Office administrator as well”
In 4.6.10 requirement to have server-level Export rights for a user in order to configure his own worklist OOF settings was removed, so that user can configure his own OOF exceptions without server level Export rights. But server-level administrator rights are still necessary to configure other users’ OOF settings. The reason why only user with server-level administrator rights can configure OOF settings for other users as opposed to user with process-level administrator rights is the fact that we configure OOF settings on user level, and user not limited by one particular process and can be participant of any number of processes including those which may be added in the future, hence server-level admin rights requirement.
Granting server-level administrative rights may be an acceptable option but it gives such user unnecessary access to sensitive server settings exposed in K2 workspace. To mitigate this you may look for the options to hide/remove certain sensitive settings like License management, Environment Library editing etc. from administrative user who needs only workflow/OOF management capabilities. There is an existing feature request to implement Authorization Framework and Category Security in new versions of K2 workspace which will allow to configure more granular permissions.
At the moment the following partial workaround can be considered for this scenario: you can hide Workspace Management tab by adjusting Workspace permissions as well as enable “Display worklist for managed users” option:
http://help.k2.com/onlinehelp/k2blackpearl/userguide/current/webframe.html_manager_configuration.html
But this approach has certain limitations: In K2 process portal user with server-level administrator rights will see all settings (including those you have hidden in K2 workspace), and in K2 workspace it will be possible to see and manage only worklists of managed users (i.e. those who has this user set as Manager in their AD user profiles).
Resolution
Current version of K2 blackpearl (4.6.10) still requires user to have server-level administrator rights in order to manage other users’ OOF settings. Partial workaround to this described above.