I am using the trial license right now, and it seems that local Workspace and K2 Service Manager would only work if I run the K2 server in console mode.
I would get the 5252 connection error if I start it via K2 Service.
I also can not run Workspace remotely (gets logon dialog pop up) but can run K2 Service Manager remotely.
It's a single server setup (Win2003 SP1, K2 SP4, SQL Server 2005 SP1, no SharePoint) running under VMWare ESX 3.0.
I followed the setup doc, any ideas?
If I set the K2 Service to run under my ID, then it will work remotely for K2 Service Manager, but Remote WorkSpace still gets:
HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials.
Internet Information Services (IIS)
I could however, open Workspace locally on the server.
Page 1 / 1
Hi Peter,
I've seen this error a couple of times. You should create an spn for the AppPool ID account for the AppPool K2V3 is running under. Typically in the format:
setspn -a HTTP/MachineName DomainNameUserName
and
setspn -a HTTP/MachineName.DomainName.local DomainNameUserName
HTH,
Ockert
I've seen this error a couple of times. You should create an spn for the AppPool ID account for the AppPool K2V3 is running under. Typically in the format:
setspn -a HTTP/MachineName DomainNameUserName
and
setspn -a HTTP/MachineName.DomainName.local DomainNameUserName
HTH,
Ockert
setspn -a HTTP/MachineName.DomainName.local DomainNameUserName
I had to translate "DomainName.local" to below syntax.
setspn -a HTTP/K2Server1.microsoft.com MSFTK2ServiceUser
instead of
setspn -a HTTP/K2Server1.MSFT.local MSFTK2ServiceUser
I thought it was fixed, but it only works for me when K2Server service runs under my ID. I can now use Workspace remotely --- which I couldn't do before when K2Server service runs under my ID.
When I change it back to WorkflowDev ID, I would get the 5252 actively refused msg. I did the setspn on WorkflowDev ID and that's the ID running the app pools.
I had to translate "DomainName.local" to below syntax.
setspn -a HTTP/K2Server1.microsoft.com MSFTK2ServiceUser
instead of
setspn -a HTTP/K2Server1.MSFT.local MSFTK2ServiceUser
I thought it was fixed, but it only works for me when K2Server service runs under my ID. I can now use Workspace remotely --- which I couldn't do before when K2Server service runs under my ID.
When I change it back to WorkflowDev ID, I would get the 5252 actively refused msg. I did the setspn on WorkflowDev ID and that's the ID running the app pools.
To give you more information, when I changed K2Server service to run as LocalSystem, I can still use Workspace remotely, but other users still get the credential error. I am using NTLM.
Should be: setspn -a HTTP/K2Server1.microsoft.com MSFTK2ServiceUser
K2Server should not be started under 'Local System' since 'Local System' has not got access to AD.
Regards,
Ockert
K2Server should not be started under 'Local System' since 'Local System' has not got access to AD.
Regards,
Ockert
I believe this setting fixed my issue for NTLM, the key is to restart the computer afterwards.
NTLM
Follow these steps to disable the loopback check:
1. Click Start | Run and then type regedit , and click OK .
2. In Registry Editor, locate and then click the following registry key: KEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa
3. Right-click Lsa , point to New, and then click the DWORD value.
4. Type DisableLoopbackCheck , and then press Enter .
5. Right-click DisableLoopbackCheck , and then click Modify .
6. In the Value data box, type 1, and then click OK .
7. Quit Registry Editor, and then restart your computer.
NTLM
Follow these steps to disable the loopback check:
1. Click Start | Run and then type regedit , and click OK .
2. In Registry Editor, locate and then click the following registry key: KEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa
3. Right-click Lsa , point to New, and then click the DWORD value.
4. Type DisableLoopbackCheck , and then press Enter .
5. Right-click DisableLoopbackCheck , and then click Modify .
6. In the Value data box, type 1, and then click OK .
7. Quit Registry Editor, and then restart your computer.
Reply
View our Community Site Map
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.