Symptoms
Please see below for the error we are receiving upon clicking "K2 Windows STS" on the login page following the upgrade last night. Note that "K2 Forms STS" works fine. Bear in mind that our K2 server is installed in a DMZ resource domain that has a one-way trust to our internal domain. Also, this was working fine in 4.6.7 yesterday before the upgrade.
Error
An error occurred trying to authenticate the user.
More Details
Exception Details:
System.Runtime.InteropServices.COMException (0x8007203A): The server is not operational.
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_AdsObject()
at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)
at System.DirectoryServices.AccountManagement.ADDNLinkedAttrSet.GetNextSearchResult()
at System.DirectoryServices.AccountManagement.ADDNLinkedAttrSet.MoveNextMemberSearcher()
at System.DirectoryServices.AccountManagement.ADDNLinkedAttrSet.MoveNext()
at System.DirectoryServices.AccountManagement.FindResultEnumerator`1.MoveNext()
at SourceCode.Security.Claims.Sts.Windows.Controllers.wsFedController.Index()
Diagnoses
After reviewing the environment we noticed that all settings were correct. Doing a test with the Getgroups tool we got the same error.
Resolution
A coldfix was sent to help prevent K2 from trying to authenticate on different domains other than the local one.
Here are the steps on how to successfully apply the coldfix:
Procedure to GAC in the .NET 4 GAC
1) Stop the K2 Service
2) Browse to C:WindowsMicrosoft.NETassemblyGAC_MSIL
3) Delete the existing file in the GAC (Folder and ALL) If this is not done the file WILL NOT be updated.
4) Gac the new assembly using GACUtil or the awesome installer tools attached. This files are part of the installer Source files and installed files.
5) Drag and drop your assembly on the “SourceCode.Configuration.GAC.NET4.exe” located in C:Program Files (x86)K2 BlackPearlSetup.
6) Verify that the file is added to the GAC.
7) Open the Windows STS web.config located in : C:Program Files (x86)K2 blackpearlWebServicesIdentitySTSWindows
8) Add the key to the appssettings and save the file.
9) Start the K2 Service and perform an IISRESET.