I can see it in the workspace/report...
Is it the user starting the AppPool your Planpage site is running under?
Have you got the Identity Impersonate = true line in your solutions web.config?
Regards,
Ockert
yes, i have this line
i forgot to write, that the k2 server is seperated, and i connect to it from the iis server.
i connect it with a connection string when i start a process with the API.
the line from the webconfig:
<add key="K2ConnectionString" value="[;];Authentication=Windows;Domain=domain name;User=yshamam;Password=....."/>
so i connect with this code :
string srv = ConfigurationSettings.AppSettings["PlanServer"];
string procSrv = ConfigurationSettings.AppSettings["ProcessName"];
Connection k2Con = new Connection();
string strCon = ConfigurationSettings.AppSettings["K2ConnectionString"];
k2Con.Open(srv,strCon);
and "yshamam" is the written originator all the time, even if i open the process from my computer...
Yes, this is expected. You open the connection with this user EVERYTIME.
Take out the Connection string from the Open method and try again:
k2Con.Open(srv);
Regards,
Ockert
I get this Error:
NT AUTHORITYANONYMOUS LOGON does not have permissions to start the process
i can pass this line :
k2Con.Open(srv);
but i get the error on :
ProcessInstance proc = k2Con.CreateProcessInstance(procSrv);
Oron.
Because your IIS server and K2.net server is separated, you'll need to enable Kerberos authentication to carry the user credentials from one machine to the next. Default NTLM authentication CAN NOT do this.
Please refer to KB article #123 to help you with enabling Kerberos delegation.
Regards,
Ockert
Thank you very much Ockert !
One more question, where i need to change it to kerberos ? on the k2 server, or on the iis machine that the app is running on ?
Oron.
You'll have to read the whole KB article. It entails changes to AD, K2.net Server and IIS.
Regards,
Ockert
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.