K2 locking out an AD account

  • 15 May 2013
  • 2 replies
  • 15 views

Badge

I have a user account will lock out whenever she logged into the K2 worklist or other pages.


Other users have no such issue.


 


Please advise.


2 replies

Badge +7

For future seekers of an answer or suggestion to this problem:

 

Try resetting the cached credentials in K2 by doing the following

1. Access Workspace as your account

2. Cick on User Settings > Single Sign-On

3. Check the checkbox for the 'K2' security label

4. Edit your credentials

5. Enter your password and select 'Ok'

6. See if you can now access K2 or if the account still gets locked

 

OR similarly

1. Access Workspace as your account

2. Click on User Settings > Single Sign-On

3. Remove the credentials against the 'K2' (or relevant label)

4. Enter your credentials

5. See if you can now access K2 or if the account still gets locked out

 

Explanation for the latter steps:

When you remove this user credential, this user (your account only) will only be disabled and will not be removed from the list. The user details will still be stored in the HostServer.SecurityCredentialCache table and you still able to login to Workspace.

After you click on Edit and provide your password, your user credential will be recached again. The reason you are doing this is because the Active Directory credentials are cached and stored securely in the K2 Databases using an encrypted password. Sometimes K2 still using the old cache until the cache was refreshed and as a result, the account was locked out.

 

If those prove unsuccessful, you may also consider trying this:

1. Run the following query in K2 database:-

Update [K2].[HostServer].[SecurityCredentialCache] set Password ='0' Where Username ='DomainUsername'

2. Edit the credential at SSO page to recache the credential

 

Lastly:

I've found there have been cases where credentials were cached by the Windows Credential Manager and caused an AD user lock out. 

1. Navigate to the Windows Credentials Manager

2. Remove the account with the old password

3. Voila!

 

HTH

Userlevel 5
Badge +16

Thank you Alyssa :)

Reply