Symptoms

Users whose Active Directory accounts included into OU which contains "/" symbol in its name keep getting disabled in K2 upon any access/authorization attempt. Affected user(s) receiving the following error upon attempt to access K2 smartforms:

An error occurred trying to authenticate the user.

System.Runtime.InteropServices.COMException (0x80005000): Unknown error (0x80005000)
 

Sample error message screenshot:

Diagnoses

This is known issue with ADUM with coldfix available via request to K2 support:

TFS 545087 - Identity Service / ADUM - Disable user if in an Organizational Unit (OU) with a / in the name (testOU/test) - ADUM fails to resolve.

This issue is addressed in 4.6.11 release. Coldfix also addresses issue related with using "*" symbol in AD DS group names.



 

Resolution

Contact K2 support to obtain relevant coldfix or upgrade to the newer version of K2. If possible consider not using special characters like "/" or "*" for AD DS objects.