Comments (2)
  • Add a Comment
  • Edit
  • More Actions v
  • Quarantine this Entry

1 MD_Vilvoorde commented Permalink

Thanks for the clear explanation. I do have a question : we are using MQ on unix : can I use a unix group, to grant authorization ? This to avoid if people are added and/or removed, that double administration is needed.

2 MoragH commented Permalink

The definition of privileged (i.e. the interpretation of *MQADMIN) on Unix, is membership of the mqm group - so certainly for this you can use a Unix Group. If you want to block other users, not in the mqm group, you must list the user names, not the group names in the USERLIST attribute. For authorisation purposes, i.e. can user fred put to a queue or start a channel etc, you can indeed grant those authorisations for fred's group, and this is generally advised as best practice - use groups not single users, for setmqaut commands. Hope that helps. Cheers Morag