Default users and groups


The MVMM Application Service controls access to the MainView Middleware Monitor(MVMM ) Monitor Console and the Services. Using the Monitor Console's Security tab, you control who has access to the product and what functions they can access. The MVMM Application Service controls and enforces over 70 different MVMM and IBM MQ actions. (MVMM  also enforces IBM MQ security through the Agent, which can also be secured.)

Access rights are based on user memberships in groups. The security administrator can enable or disable users or groups.

When passwords travel over the network, they are always protected by SSL encryption.

During the MVMM  product installation, the following default MVMM  users and groups are created and appear in the user and groups list on the Security tab, in the Security tab. Following integration with MainView Middleware Administrator (MVMA), the integration user groups and users are added to the lists.

MVMM users and groups ​

TSMA integration users and groups

NameTypeDescription
TSMA AdministratorUser

User that is created during the configuration of the

Some content is unavailable due to permissions.

 integration with

Some content is unavailable due to permissions.

, including the

Some content is unavailable due to permissions.

Integration Configuration and

Some content is unavailable due to permissions.

Project Access permissions.

This user can use the mqtool utility, use the three

Some content is unavailable due to permissions.

options in the Object Repository Tab and execute the Create WMQ Connection policy action.  Also, all groups with this permission are added as a

Some content is unavailable due to permissions.

Administrator when the

Some content is unavailable due to permissions.

integration is configured or reconfigured. 

If you need to reconfigure the integration, see Managing-integration-with-MainView-Middleware-Administrator-with-the-CLI. The credentials for a single user with this permission are preserved in the

Some content is unavailable due to permissions.

 services.cfg file, enabling this user to log into and configure

Some content is unavailable due to permissions.

If you must change the user's credentials, BMC recommends that you use themqtool utility to do so. 

You can change this user’s password during logon to the Monitor Console or from the Security tab. However, do not use mqsusertool, because it updates the password directly in the security service. When using Active Directory, you should first change the password in Active Directory. Between the time that you change the password in Active Directory and when you execute the mqtool utility, any attempts to add or update WMQ Connections or synchronize groups will fail.

TSMA UsersGroup

Group that enables

Some content is unavailable due to permissions.

 users to access the

Some content is unavailable due to permissions.

project.

During the

Some content is unavailable due to permissions.

 upgrade, groups that had permission to run the Configuration Manager are granted the “

Some content is unavailable due to permissions.

Project Access” permission.

LDAP User User

Single user that enables

Some content is unavailable due to permissions.

to access the security server to authenticate users and retrieve user and group information.

This user requires no permission for other activities in

Some content is unavailable due to permissions.

 and does not need to belong to a group. The credentials for a single user with this permission are preserved in the

Some content is unavailable due to permissions.

 services.cfg file, enabling this user to log into and configure

Some content is unavailable due to permissions.

If you must change this user’s credentials, BMC recommends that you use the mqtool utility to do so.

You can change this user’s password during logon to the Monitor Console or from the Security tab. However, do not use mqsusertool, because it updates the password directly in the security service. When using Active Directory, you must first use the mqtool utility to change the user or password and then change the user’s password in Active Directory. Between the time that the mqtool utility is executed and the password is changed in Active Directory, users are unable to log into

Some content is unavailable due to permissions.

.  

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*