K2 BLACKPEARL PRODUCT DOCUMENTATION: USER GUIDE
Required Permissions for K2 Components

Required Permissions for K2 Components

Changing the permission level does not remove users who already have rights on the K2 Server. Use Management Console to remove these users.
Feature Task SharePoint Site Server Rights K2 blackpearl Server Rights Windows / Other Rights 
K2 Server

Send receive emails

N/A N/A Access to a mail account, user name and password
K2 Studio Create Workflow N/A N/A Write access to where you are saving the process
K2 Studio Deploy Workflow N/A Export Rights N/A
Process Portals Create Process Portal Manage Hierarchy on the top site where the Process Portal is created N/A N/A
Process Portals Access Process Portal At least Read rights on the Process Portal N/A N/A
Process Portals Management Worklist At least Read rights on the Process Portal Admin on the Process N/A
Process Portals Reports At least Read rights on the Process Portal View Part or View rights on the Process N/A
Process Portals View Reports At least Read rights on the Process Portal Process Admin, Process View, Process View Participate N/A
Process Portals Instance Management (including Instances Summary) At least Read rights on the Process Portal View rights on the Process N/A
Process Portals Instances Summary Web Part At least Read rights on the Process Portal Server Admin, Admin on the Process, Process View N/A
Process Portals Start Process Instance At least Read rights on the Process Portal Admin on the Process, Start Process N/A
Process Portals Add Process to Portal At least Contributor rights on the Process Portal Server Admin, Admin on the Process N/A
Process Portals Process Instances At least Read rights on the Process Portal Server Admin, Admin on the Process, Process View N/A
Process Portals Process Management - View Detail At least Read rights on the Process Portal Server Admin, Admin on the Process N/A
Process Portals Process Management - View Detail - Roles At least Read rights on the Process Portal Server Admin, Admin on the Process N/A
Process Portals Process Management – Perform Action – Roles At least Read rights on the Process Portal Server Admin, Admin on the Process N/A
Process Portals Process Instances - View Detail At least Read rights on the Process Portal Server Admin, Admin on the Process, Process View N/A
Process Portals Process Instances - Perform Action At least Read rights on the Process Portal Server Admin, Admin on the Process N/A
Process Portals Administration At least Read rights on the Process Portal Admin for the K2 Server N/A
Process Portals Settings (including show/hide/adding process) At least Read rights on the Process Portal View Part or View rights on the Process N/A
Process Portals Processes Web Part At least Read rights on the Process Portal Admin for the K2 Server, Process Admin N/A
Process Portals View landing page - Processes Web part or Management Worklist At least Read rights on the Process Portal Admin for the K2 Server, Process Admin N/A
Process Portals Administration Links (Central/Site) At least Read rights on the Process Portal Admin for the K2 Server N/A
Process Portals Process Scheduler N/A The K2 Service Account requires Start rights on the Process that is being scheduled to start N/A
K2 Designer for SharePoint See the K2 Web Designer Menu item in the List Settings menu Default is SharePoint Members Group or specify a group under K2 site settings N/A N/A
K2 Designer for SharePoint Create New Workflow Default is SharePoint Members Group or specify a group under K2 site settings N/A N/A
K2 Designer for SharePoint Edit a workflow Default is SharePoint Members Group or specify a group under K2 site settings N/A N/A
K2 Designer for SharePoint Reuse one of my workflows Default is SharePoint Members Group or specify a group under K2 site settings N/A N/A
K2 Designer for SharePoint Reuse a shared workflow Default is SharePoint Members Group or specify a group under K2 site settings N/A N/A
K2 Designer for SharePoint Save Template Default is SharePoint Members Group or specify a group under K2 site settings N/A N/A
K2 Designer for SharePoint Publish a workflow Default is SharePoint Members Group or specify a group under K2 site settings N/A N/A
K2 Designer for SharePoint Export a workflow Default is SharePoint Members Group or specify a group under K2 site settings N/A Write access to where you are exporting to
K2 Designer for SharePoint Share a workflow Default is SharePoint Members Group or specify a group under K2 site settings N/A N/A
K2 Designer for SharePoint Start a Workflow on Form Library Rights to access the Form Start rights on the Process N/A
K2 Designer for SharePoint Start a Workflow on a List or Document Library Rights to access the document in the library N/A N/A
InfoPath Integration Start a workflow Contributor on the library Start rights on the Process N/A
InfoPath Integration Deploy an InfoPath Process Contributor rights on SharePoint Site Export Rights N/A
InfoPath Integration Destination user retrieves and updates the temp XML file   Contribute rights on the site N/A N/A
SharePoint Workflow Integration Start a workflow Contributor on the list or library Start rights on the Process N/A
SharePoint Workflow Integration K2 Service Account Rights Needed Full Control on the list or library Impersonate on the K2 Server N/A
SharePoint Workflow Integration SharePoint Service Account Rights Needed Full Control on the list or library Impersonate on the K2 Server N/A
K2 Process Management for Visual Studio Use the Process Management tool N/A Admin on the Process N/A
K2 Data Provider Access SmartObjects Read access to the list or library. This depends on the methods that get executed. An update, insert or delete will require contributor rights N/A N/A
K2 Site Settings Events Integration Management (Activate/Deactivate) Full control on the site Admin Rights N/A
K2 Site Settings Workflow Integration Management (Activate/Deactivate) Full control on the site Admin Rights N/A
K2 Site Settings SmartObject Service Management Read access to the list or library Export Rights and Admin Rights N/A
K2 for SharePoint Tab in central Admin K2 Site Settings Link Full control on the site collection where the feature is being activated; access to SharePoint Central Admin N/A N/A
K2 for SharePoint Tab in central Admin K2 for SharePoint Management Console Full control on the site collection where the feature is being activated; access to SharePoint Central Admin N/A N/A
K2 for SharePoint Tab in central Admin K2 SmartObject Service Integration Full control on the site collection where the feature is being activated; access to SharePoint Central Admin N/A N/A
K2 for SharePoint Tab in central Admin K2 Web Designer Version 2.0 Full control on the site collection where the feature is being activated; access to SharePoint Central Admin N/A N/A
K2 for SharePoint Tab in central Admin K2 Workflow Integration Content Types Full control on the site collection where the feature is being activated; access to SharePoint Central Admin N/A N/A
K2 for SharePoint Tab in central Admin K2 for SharePoint tab in Central Admin Full control on the site collection where the feature is being activated; access to SharePoint Central Admin N/A N/A
K2 for SharePoint tab in Central Admin Add Settings to Site Collection Full control on the site collection where the feature is being activated; access to SharePoint Central Admin N/A N/A
K2 Exchange Event Wizard Object Browser - Exchange Server Field N/A The K2 Service account will need Exchange View Only Administrator rights for the Microsoft Exchange Server N/A
K2 Exchange Event Wizard Create Mailbox and Disable Mailbox actions N/A The Exchange Event should be configured to run as a service or user account with Exchange Organization Administrator rights N/A
K2 Exchange Event Wizard Send Meeting Request and Send Task actions N/A The Exchange Event should be configured to run as a service or user account with impersonation rights with NO Exchange Organization Administrator rights.  The service or user account should also have a trusted server certificate from the Exchange web service in his Personal certificate store. N/A
CRM Event Wizard Create, Update and Delete CRM Entities in the K2 Designer for SharePonit  N/A N/A The AppPool account used for the K2 Designer for SharePoint must have full rights on the CRM server
Active Directory Event Wizard Create and Update Active Directory Users If the K2 Server is installed on Windows Server 2003, LDAP over SSL (LDAPS) will need to be configured. See Using the AD wizard on Windows 2003 and the LDAP requirement N/A N/A

There are several additional permissions that should be set up prior to installing K2 blackpearl. Please see the K2 blackpearl Getting Started Guide for more information regarding these items:

Server Role Permission

K2 Server

The K2 Service Account will need permission to Log on as a Service.

Reporting Services Server

In order to access the temporary directory during runtime, some permissions are required for all authenticated users.

IIS Server

In order to access the temporary directory during runtime, some permissions are required for all authenticated users.

SharePoint Server

In order for K2 workflow processes to be able to be deployed, some permissions are required on the SharePoint directory.

 

 


K2 blackpearl Help 4.6.10 (4.12060.1690.0)