Security stanza of the client configuration file

Use the Security stanza to disable or enable AMS for client connections to a queue manager.

Note: The description of each attribute of this stanza indicates which IBM® MQ clients can read that attribute. For a summary table for all IBM MQ MQI client configuration file stanzas, see Which IBM MQ attributes can be read by each client.

The following attribute can be included in the Security stanza:

DisableClientAMS = NO|YES

The DisableClientAMS attribute allows you to disable IBM MQ Advanced Message Security (AMS) if you are using an IBM WebSphere® MQ 7.5 or later client to connect to a queue manager from an earlier version of the product and a 2085 (MQRC_UNKNOWN_OBJECT_NAME) error is reported.

From IBM WebSphere MQ 7.5, IBM MQ Advanced Message Security (AMS) is automatically enabled in an IBM MQ client and so, by default, the client tries to check the security policies for objects at the queue manager. However, servers on earlier versions of the product, for example IBM WebSphere MQ 7.1, do not have AMS enabled and this causes 2085 (MQRC_UNKNOWN_OBJECT_NAME) error to be reported.

The following examples show how to use the DisableClientAMS attribute:

To disable AMS:
```
Security:
DisableClientAMS=Yes
```
To enable AMS:
```
Security:
DisableClientAMS=No
```

This attribute can be read by C, IBM MQ classes for Java, and IBM MQ classes for JMS clients.