IBM MQ file system permissions on Windows
The following information describes the security applied to the files and directories on Windows. In order to ensure the correct operation of IBM® MQ you should not alter the file system permissions as set by IBM MQ.
- Program directory, and
- Data directory.
Data directory
- Administrators
- Full control
- mqm group
- Full control
- SYSTEM
- Full control
- Everyone
- Read and execute
- DATADIR\errors
- Everyone full control
- DATADIR\trace
- Everyone full control
- DATADIR\log
-
- Administrators
- Full control
- mqm group
- Full control
- SYSTEM
- Full control
- Everyone
- Read
- DATADIR\log\<qmgrname>\active
- Administrators
- Full control
- mqm group
- Full control
- SYSTEM
- Full control
Earlier releases of the product
In releases of the product prior to IBM MQ 8.0, the default program and default data directories were co-located.
In any installation that was originally installed before IBM MQ 8.0. and which was installed to the default locations, and then upgraded from that, the data and program directories remain co-located (in C:\Program Files\IBM\WebSphere MQ.
In the case of co-located data and program directories, the preceding information applies only to the directories that belong to the data directory, and not those that are part of the program directory.