Author Archives: Mikhail

K2 Setup Manager: The selected user needs to have Domain Users privileges to proceed

Once in a while you can bump into a warning from K2 Setup Manager which says: “The selected user needs to have Domain Users privileges to proceed” on K2 Site Application Pool Configuration which looks as shown below:

The selected user needs to have Domain Users privileges to proceed

I was not able to confirm what exactly triggers this, but I do know that it happens while specified user in fact has Domain User group membership and I saw it with both K2 4.6.x and K2 Five installers. Good news that bypass this blocking warning is easy – you just need to edit Product.config file in your installation directory and set domainusercheck value to false as shown below:

Setting domainusercheck key to false

You will need to restart K2 Setup Manager after saving this change and you should be able to proceed without receiving any any warnings.

Please follow and like us:
error0

K2 Setup Manager – MSDTC is not configured correctly

The other day I’ve been doing installation of K2 4.7 on standalone (i.e. non-joined to domain) Windows Server 2016 machine with SQL Server installed locally on the same box, and bump into MSDT Network Access analysis result failure, receiving error shown below:

MSDTC Network Access Analysis Result: Failed

That’s quite a standard warning which explicitly says you what kind of check boxes you need to tick in Local DTC Properties (be sure to use comexp.msc or dcomcfg commands to open Component Services snap-in). K2 Setup Manager will explicitly tell you what checkbox is not set as shown on sample screenshot below:

Configuration Analysis reporting MSDTC options not configured correctly

But if you look at the first screenshot – there is no incorrectly configured settings, and I was pretty sure that I know these settings quite well, having couple of old posts on the topic (see #1, #2). So I was a bit baffled by this warning. After consulting related K2 documentation section I realized that it also indicates that it is necessary to configure relevant firewall rules :

Enable and Configure the DTC Components

Configure firewall to allow MSDTC access with the following command:

netsh advfirewall firewall add rule name=”MSDTC” dir=in action=allow program=”%windir%\system32\msdtc.exe” enable=yes

Configure firewall to allow SQL Server access with the following command:
netsh advfirewall firewall add rule name=”MSSQLSERVER” dir=in action=allow program=”C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\Sqlservr.exe” enable=yes

These firewall settings must be activated on SQL server in order for MSDTC to work:

Distributed Transaction Coordinator (RPC)
Distributed Transaction Coordinator (RPC-EPMAP)
Distributed Transaction Coordinator (TCP-In)

Despite in my case SQL and K2 servers very hosted on the side machine I tried to add required firewall settings – and, somewhat naturally, it didn’t resolve the error. So it took me searching a bit more till I found relevant MSFT documentation (New functionality in the Distributed Transaction Coordinator service in Windows) which clarifies that “No Authentication Required” option must be used in the following scenarios:

  • The network access is between computers that are running Microsoft Windows 2000.
  • The network access is between two domains that do not have a mutual trust configured.
  • The network access is between computers that are members of a workgroup.

As you can understand having both SQL and K2 on the same server in workgroup mode translates into “network” access is between computers that are members of a workgroup. So to resolve K2 setup manager warning in this scenario it is necessary to tick “No Authentication Required” option in Local DTC Propertis:

Local DTC Properties – No Authentication Required

I do realize that installation on a member server not joined to domain is not the most frequent scenario (although it is if you install K2 on cloud servers non-joined to domains), it is sad that K2 installer does not report what kind of setting is necessary in the workgroup mode scenario – that goes into nice to have list of additional checks, but until it’s not there you have this post 🙂

Please follow and like us:
error0

Installation Cannot Continue – One or more roles were found that contain SmartObject results

Starting from K2 Five 5.1 ability to use SmO methods to populate/determine Role membership was removed and installer will block your upgrade process displaying the following error message:

Installation Cannot Continue – One or more roles were found that contain SmartObject results

Error message lists all roles which contain SmartObjects which have to be removed before you can proceed with upgrade (no installer restart required after removal) – this is clear and easy thing to do, and it is documented in KB002145. But in my case my upgrade to 5.2 was complicated by some other fascinating errors and hiccups, I’ll just list them: 5.2 installer was failing to start with unhandled exception (for some reason it didn’t want to work from non system drive / drive which was different from K2 installation drive), it was saying that my installation user does not have required rights (until run using K2 service account), in addition to that all UIs were broken with Invalid Archive type error.

The fact that UIs were broken yet I wanted to move on with upgrade (remove roles) required me to remove SmO from role(s) through the database modification, luckily in this case role membership entries are stored in quite plain and easily readable table – Identity.RoleItem where you can clearly see SmartObject name in FQN column (clearly differs from your regular users and groups in FQN form) with Type 4. To remove SmO from role you just remove entire line from that table, the only thing I would to add: make it your habit to backup K2 DB before you touch it, even if you are super-sure that you know what are you doing 🙂

I hope this information may save some one some time if you run into similar scenario and that’s it for now.

Please follow and like us:
error0

Unable to add HTTPS binding for SSRS 2014

I recently bump into an issue with HTTPS binding configuration for SSRS 2014. Instance was not touched for quite some time and self-signed HTTPS certificate expired. I generated new one and was trying to add new binding but SSRS console was keep removing HTTPS binding immediately after adding it with “We were unable to create the certificate binding.” message. I believe it was accompanied by HRESULT: 0x80040241. Internet is full of information on the problem and it looks like this thread, for example contains exhaustive list of things you need to check. But basically it turned out that beyond review and manual clean up of urlacls (netsh http show urlacl / netsh http delete urlacl) it was also necessary to copy my self-signed PS generated certificate from machine Personal store into machine Trusted root certificates store (hint was found here).

In a nutshell: when adding SSRS binding fails you need to know that those are not represented nowhere in IIS GUID, update your certificate (remove old, add new and be sure it is trusted on a Trusted Root level), next be sure you use right (non occupied by other services) ports and host names clearing up SSL reservations if necessary ( netsh http show urlacl / netsh http delete urlacl). Read error message you have and drill down into details to see error code – despite not showing its site and bindings in IIS console SSRS console does everything it can to say you what’s wrong / why it can’t proceed with adding binding, though I do admit underlying infrastructure of scattered configs and urlacls reservation can be intimidating at times.

Please follow and like us:
error0

98-375 exam passed

In my previous post I’ve promised to do some posts covering my preparation to 98-375 exam, but it turned out that I didn’t find time to do any. Sadly I’m unable to allocate time for writing here on any topics lately, and it is not that there is nothing to write about, it’s just lack of time 🙂 For example there are rather a lot of interesting stuff going on in K2 space, yet I haven’t write anything on this topic for quite some time now.

Anyhow as I passed 98-375 exam I would do a little entry about this. Here you havee my results:

Some thoughts on that now. For preparation I’ve used the following resources:

Now a little bit about these exam preparation resources. Channel 9 videos are very good as they provide complete exam overview and available for free. It is not all you need to pass the exam but watch them carefully (and maybe a few times) and you will learn not only how is this exam, but some practical things you will be definitely tested on.

LinkedIn videos are great too, but you really need to watch them more than once and do practice labs or try things you learn about otherwise knowledge retention will be weak. At the very least you want to do a 2 pass with most of the course – 1st just watch and get a broad picture, 2nd to absorb it really slowly and pay attention to details. To access these materials you have to have paid subscription, but comparing its price tag with some other training options or even books price is more than acceptable.

Lat but not least, MeasureUP practice test. It costs 88 EUR, and for this specific exam practice test content can be criticized a bit. In my opinion: 1) Content has not been updated at all since exam release. Result: 60% of links in question explanations are changed does not work (hey MeasureUP, seriously, that type of updates does not require a big investment on your side, why not invite something to do a review? I can do it in exchange for some preparation materials access 🙂 ). 2) There are some obvious typos in the test. 3) Depressingly high number of questions revolving around Windows Phone and IE10 specifics. In fact I didn’t have any of those on the exam and after taking it it feels that unlike MeasureUP practice test, exam content was updated 🙂

On my results. I’ve scored with 76 points (70 is passing threshold), and, in spite of all my complains on MeasureUP practice test content quality it was instrumental in passing exam. Even if we ignore ALM and JavaScript domains, HTML and CSS topics give you just enormous amount of things and behavioral peculiarities on which you potentially can be tested, and having some specific questions touching on all these little things really helped. I feel that practice test questions bank didn’t contain enough CSS questions (it had only 25) and my result clearly reflects that. Though I obviously don’t count me as an any kind of expert in JavaScript, I do recognize that CSS is something I need to learn more which clearly reflected in exam score.

All in all, I’m satisfied with this exam and can recommend it to anyone who want to add some sort of goal/milestone to their entry web development learning journey – good entry level exam allowing you to learn and verify knowledge of basic components of web development and get more confidence to plan next steps on that route.

What’s next? I’m going to “relax a bit” taking 2 or more Microsoft Exams related to SQL Server (more about this in next posts), and once I’m done with that I will do a “full fledged” version of 98-375 exam, i.e. 70-480 Programming in HTML5 with JavaScript and CSS3.

Please follow and like us:
error0