Configuring the SQL User Manager

The K2 SQL User Manager allows user information to be stored in a SQL database. K2 uses that SQL database for authentication and authorization of K2 tasks.

  • If you installed K2 using the default user manager (Active Directory) and not the SQL User Manager, but you want to use a newly-registered SQL User Manager as the default user manager, you must implement the information presented in the Changing the Default User Manager topic.
  • The K2SQL security label must not be renamed. If creating a custom SQL user manager, you must create a new security label such as DenallixSQL.
  • Before running the scripts, edit the scripts to insert your custom security label name.

To register the SQL User Manager, the SecurityLabels table in the K2 database must be modified. This table stores the security label, security provider and authorization / role initialization data for the user manager. The K2 User Manager sample scripts available for download allows you to add or remove a SQL User Manager. Be sure to edit the scripts to fit your configuration before executing them. Follow the steps below to add the SQL User Manager.

  1. Download and extract the K2 User Manager sample scripts.
  2. Open the K2 SQL User Manager (Setup).sql script and edit it for your environment.
  3. Execute the K2 SQL User Manager (Setup).sql script from Microsoft SQL Server Management Studio against the K2 database.
  4. Refresh the User Manager Cache.
  5. Restart the K2 blackpearl Server service.

Users must be added manually to the SQL database. For security purposes, a stored procedure has been provided which will encrypt the password for each user name that will be entered. Follow the steps below to add a user.

  1. Open Microsoft SQL Server Management Studio.
  2. Connect to the server where the K2 database is installed.
  3. Expand the K2 database (K2 is the default name; you might have changed it when installing K2).
  4. Browse to the following path: K2 > Programmability > Stored Procedure
  5. Locate CustomUM.CreateUser, right click and select Execute Stored Procedure.
  6. The Execute Procedure dialog will display and you can enter the users details.
  7. Once the user details are entered, click OK for the stored procedure to run. This process should be completed for each user.

To add a user to a group, you need to first create the group in the database, then add the user to that group. Create the group manually by following these steps:

  1. Open Microsoft SQL Server Management Studio.
  2. Connect to the server where the K2 database is installed.
  3. Expand the K2 database (K2 is the default name; you might have changed it when installing K2).
  4. Right click on CustomUM.Group and select Edit Top 200 Rows.
  5. Enter the group details into the table (GroupID is automatically generated when the details are committed to the table.).

    Now add the relevant users you created to the group.
  6. Right click on CustomUM.UserGroup and select Edit Top 200 Rows.
  7. Enter the GroupID (from CustomUM.Group entry you just created) and the UserID (from CustomUM.Users which will be populated by the stored proc you ran when creating the user) into the table and commit the changes to the database.

To add a SQL user to a role, add the user to the required role through K2 Workspace > Management Console > Roles.

If you need to remove a SQL user or update a SQL user’s password, please contact support for instructions.