We're updating some of our product names. K2 Five is now Nintex Automation. You may see both product names in our help pages while we make this change.

Planning for SQL User Manager

The SQL User Manager (SQLUM) is a K2 security provider that allows you to store user information in a SQL database that K2 uses to authenticate identities. While Active Directory, Azure Active Directory, and LDAP-based systems are typically more robust, enterprise-ready Identity Providers (IdPs), you can use SQLUM to provide users who are not part of those IdPs the ability to log in to K2. You can also add these users to K2 Roles, and those roles can contain users from other IdPs as well.

You can use SQLUM for any user that does not belong to a standard IdP. You need to decide what K2 artifacts these users need to access and how they get that access. The first option below is the simplest approach, while the second option allows you more flexibility in separating your SQLUM users from your standard users.

Enable SQLUM users to log in to the same sites that other users (from AD, AAD, or LDAP) use
Create a separate SmartForms runtime site that only SQLUM users use

The most common method of installing and using SQLUM is with the K2 Five Setup Manager. If you are installing K2 in an Active Directory environment, SQLUM will be installed automatically as well and you will not see any options in the installer that relate to SQLUM. If an Active Directory domain is not detected during installation (such as in the case of a workgroup server not joined to a domain), SQL User Manager is the only choice for User Manager and you will see it listed on the following page in the installer, as shown here:

See the following topics for more information about SQLUM:

Non-AD Workgroup Installation: Similar to a standard K2 installation, but SQLUM is the only User Manager available.
Configuring a Secondary SmartForms Runtime Site: Configure a secondary SmartForms runtime site for SQL-based or anonymous users.
Configure SmartForms for SQL Server User Manager (SQLUM): Detailed steps on configuring the issuer, claims, and realms for a primary or secondary SmartForms runtime site
Configuring the SQL User Manager: Configuring SQLUM as a primary or secondary identity provider.
Adding, Editing and Deleting SQL User Information: Maintaining SQLUM identities using available stored procedures.

Considerations

Before installing K2 on a workgroup server, create a user in SQL Server for the K2 Administrator. For information on required permissions for this and the account you use to install K2 (if they aren't the same), see the topic Required Permissions.
The SQLUM is installed with every installation of K2. However, you cannot choose it as your main user manager if the server is joined to a domain.