K2 blackpearl Product Documentation: Installation and Configuration Guide
K2 Environment Security

K2 Environment Security and Permissions

After installing K2 blackpearl, there are some manual steps to configure the additional service accounts with permissions in K2. The K2 Service Account is granted Admin and Impersonate rights during configuration, which allows you to grant the additional rights necessary.

If you cannot set security rights in the K2 Workspace, try logging on as the K2 Service Account.

Default Permissions

The following permissions are set up during the Configuration process:

Default Permissions
K2 Service Account
  • Admin
  • Impersonate

Manual Configuration

In the table below, the additional permissions required are listed:

Necessary Permissions
SharePoint Application Pool
  • Admin
  • Impersonate
  • Export
K2 Workspace Application Pool
  • Admin
  • Impersonate
K2 Administration Account
  • Admin
Developer Accounts
  • Export*
* To deploy a process the Export permission is required

To grant these permissions, perform the following steps:

  1. Open Internet Explorer
  2. Browse to the K2 Workspace Web Site
  3. Click on Management > Management Console
  4. Expand the node next to your K2 Server
  5. Expand the node next to Workflow Server
  6. Click on Server Rights
  7. Click the Add button
  8. In the dialog that opens, search for your service accounts
  9. Check the box next to the accounts you want to give permission to, and click OK
  10. Check the box(es) under the appropriate permission, as described in the table above
  11. Click Save

 

 


K2 blackpearl Product Documentation: Installation and Configuration Guide 4.6.11