Space banner


This space provides the same content as before, but the organization of the home page has changed. To help you quickly find the content that you need, topics are now organized based on logical branches instead of legacy book titles

Security for Windows and UNIX platforms

Security for distributed platforms is provided by the Object Authority Manager (OAM) for IBM MQ.

To configure the security

  1. Define a user ID that matches the user ID that is associated with the BBI-SS PAS.

    The ID that you define has been specified in the started task security table for your external security manager. During BBI-SS PAS startup, the job log displays message IEF695I, which identifies the defined user ID.

  2. Define the user to the IBM MQ mqm group.

    Membership in the mqm group ensures complete access to IBM MQ, including DISPLAY, ALTER, and DEFINE authority for IBM MQ objects.

  3. Stop the queue manager, and then restart it to activate the command.

    This step is necessary because group authorizations might be cached by the OAM. Changes made after authorizations for a group are cached and are not recognized until the queue manager is restarted.

    For Windows, if IBM MQ is defined as a started service, it cannot be assigned as a System Account. If IBM MQ is assigned as a System Account and then defined as a started service, channel actions fail and authorization errors occur.

To change the Account setting

  1. Access the Control Panel.
  2. Double-click Services.
  3. Select IBM MQ , and click the Startup button.
  4. In the Log On As dialog box, click This Account and specify an administrative account that has mqm group privileges.
  5. Click OK.

Was this page helpful? Yes No Submitting... Thank you