Windows 2003 server with K2 and SQL.
2nd Windows 2003 Server with Sharepoint.
Users with the K2.Net sharepoint webpart are unable to get their list of tasks. It always says "no details".
In looking at the k2server.log, this is what I see when the user refreshes the page:
03-08-05 01:47:47 Authenticated NT AUTHORITYANONYMOUS LOGON using NTLM
03-08-05 01:47:47 Marshalling: OpenWorklist2
So it says no details because the Anonymous user of course has none, but how do I get it to authenticate?
I verified that no IIS virtual directories are even allowing anonymous logins.
I followed the directions on the Task List pdf file on the documentation CD, including allowing kerberos as documented here:
http://support.microsoft.com/?kbid=832769
+11
Hi,
You were on the right track by enabling Kerberos authentication. Please have a look at the following KB article to make sure you followed all the necessary steps:
http://kb.k2workflow.com/Articles/KB000030.aspx
Hope this helps.
You were on the right track by enabling Kerberos authentication. Please have a look at the following KB article to make sure you followed all the necessary steps:
http://kb.k2workflow.com/Articles/KB000030.aspx
Hope this helps.
+1
Thanks for the reply. Since we are evaluating K2 we don't have a login to the portal so I can't access the knowledgebase. Any chance you can post its contents? I really hate that the knowledgebase isn't open to the public. No other company forces you to login to their knowledgebase.
+11
Send me an email to [Deleted] so that I can forward the article to you.
+7
kbradl1,
Did you success to show task list?
I've exactly the same configuration than yours and can't get this webpart to work...
I sent a support request but waiting for response, so if someone have any advice...
Here is my config:
Architecture:
Server A is Sharepoint server with K2 webpart
Server B is K2 server
Server B is SQL
Server C is DC
Service Accounts
SharePoint IIS is running under local system account
SharePoint App Pool is running under domain account D
K2 server is running under domain account D
SQL instance is running under domain account E
Configuration
Trust for delegation
A
B
D
SPN
For Account D
http/A
http/A.domain.local
IIS
I set the NTAuthenticationProviders to « Negotiate,NTLM » on Sharepoint Web server
Account D is member of IIS_WPG group
K2
I set the registration authentication to Kerberos
Is there something I'm missing?
Did you success to show task list?
I've exactly the same configuration than yours and can't get this webpart to work...
I sent a support request but waiting for response, so if someone have any advice...
Here is my config:
Architecture:
Server A is Sharepoint server with K2 webpart
Server B is K2 server
Server B is SQL
Server C is DC
Service Accounts
SharePoint IIS is running under local system account
SharePoint App Pool is running under domain account D
K2 server is running under domain account D
SQL instance is running under domain account E
Configuration
Trust for delegation
A
B
D
SPN
For Account D
http/A
http/A.domain.local
IIS
I set the NTAuthenticationProviders to « Negotiate,NTLM » on Sharepoint Web server
Account D is member of IIS_WPG group
K2
I set the registration authentication to Kerberos
Is there something I'm missing?
+11
You will also have to create an SPN for the K2Server service. In K2.net Service Manager, open the Server Properties and select the Advanced tab. Specify Account 'D' and create the SPN by clicking on the appropriate button - You'll have to run K2.net Service Manager as a domain admin.
For troubleshooting, start K2.net Server in console mode. Connnect through K2.net Service Manager by setting authentication mode to Kerberos. Have a look at K2.net Server console and make sure it says something like 'Authenticated UserA by using Kerberos.'
Next, test the K2.net Workspace. Log on with any account and once again have a look at the console to see whether Kerberos authentication took place.
If everything worked fine up to this point, test the task list webpart.
Even with Kerberos enabled as in your post below, there can still be a host of reasons why it is not working - like duplicate SPN entries. Make sure you do not have duplicate SPN's i.e. NO Two users may have SPNs defined for the same service.
Have you got your K2V3 site under 'Default Websites' and Sharepoint on a separate website with its own host header or port?
Make sure all K2.net sites run under the exact same AppPool.
Hope this helps,
Ockert
For troubleshooting, start K2.net Server in console mode. Connnect through K2.net Service Manager by setting authentication mode to Kerberos. Have a look at K2.net Server console and make sure it says something like 'Authenticated UserA by using Kerberos.'
Next, test the K2.net Workspace. Log on with any account and once again have a look at the console to see whether Kerberos authentication took place.
If everything worked fine up to this point, test the task list webpart.
Even with Kerberos enabled as in your post below, there can still be a host of reasons why it is not working - like duplicate SPN entries. Make sure you do not have duplicate SPN's i.e. NO Two users may have SPNs defined for the same service.
Have you got your K2V3 site under 'Default Websites' and Sharepoint on a separate website with its own host header or port?
Make sure all K2.net sites run under the exact same AppPool.
Hope this helps,
Ockert
+7
K2V3 is not under default web site, it is on port 8000
For sharepoint, it is on port 80
For sharepoint, it is on port 80
+11
The KB article discussing Kerberos authentication has been updated. Please have a look at: http://kb.k2workflow.com/Articles/KB000123.aspx
and make sure you've followed all the steps.
Regards,
Ockert
and make sure you've followed all the steps.
Regards,
Ockert
Reply
View our Community Site Map
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.