Use the command line to configure the appliance to authenticate local users defined on
the appliance.
About this task
You can use commands to configure role based management such that the appliance uses local user
definitions. You create the users in a separate procedure, see Configuring local users by using the command line.
Procedure
-
Connect to the IBM® MQ Appliance as described in
Command line access. Log in as an administrative user.
-
Type
config to enter global configuration mode.
-
Type the following command to configure role based management:
-
Enter the following command to specify the XML file authentication method:
-
Alter the default cache settings, if required. By default, the appliance caches results of
authentication attempts for 600 seconds, but you can change the mode of caching, and the caching
duration by entering the following commands:
au-cache-mode mode
au-cache-ttl seconds
Where
mode is one of:
- absolute
-
Caches the results of user authentications for a period of time that is specified by the
au-cache-ttl command (the explicit time-to-live). This setting is the default
setting.
- disabled
-
Disables caching. The appliance will not cache any results and instead always authenticates every
time a user requests access.
- maximum
-
Compares the explicit TTL to the TTL contained in the response (if any) and cache authentication
results for the maximum of the two values.
- minimum
-
Compares the explicit TTL to the TTL contained in the response (if any) and cache authentication
results for the minimum of the two values.
Example
The following example configures the appliance to use local user definitions.
mqa# config
Global configuration mode
mqa(config)# rbm
Modify RBM Settings configuration
mqa(config rbm)# au-method local
mqa(config rbm)# exit
mqa(config)# write memory
Overwrite previously saved configuration? Yes/No [y/n]: y
Configuration saved successfully.
What to do next
After you specify the user authentication method, you must next configure credential mapping.