CRL LDAP authentication information properties

The following tables list all the attributes that you can set for CRL LDAP authentication information objects:

Some attributes are specific to z/OS® authentication information objects.

For each attribute, there is a brief description of when you might need to configure it. The tables also give the equivalent MQSC parameter for the ALTER AUTHINFO and DISPLAY AUTHINFO commands. For more information about MQSC commands, see Script (MQSC) Commands in the IBM® online IBM WebSphere® MQ product documentation.

General page

The following table lists the attributes that you can set on the General page of the CRL LDAP Authentication Information properties dialog.

Attribute Meaning MQSC parameter
Authinfo name Read-only. You cannot change the name of an authentication information object after it has been created. AUTHINFO
Authinfo type The type of the authentication information object. Only CRL LDAP is available. AUTHTYPE
Description Type a meaningful description of the purpose of the authentication information object. See Entering strings in WebSphere MQ Explorer. DESCR
QSG disposition Read-only. The queue-sharing group disposition of the authentication information object. You cannot change the disposition of an authentication information object after it has been created. Queue manager means that the object definition is available only to the queue manager that hosts it; Group means that the object definition is stored on the shared repository and each queue manager in the queue-sharing group has a copy of the definition; Copy means that the object definition is the queue manager's copy of a definition in the shared repository. QSGDISP

LDAP page

The following table lists the attributes that you can set on the LDAP page of the CRL LDAP Authentication Information properties dialog. The LDAP page displays the name and authentication information for the LDAP server.

Attribute Meaning MQSC parameter
LDAP Server Name Type the host name, IPv4 dotted decimal address, or IPv6 hexadecimal notation of the host on which the LDAP server is running, with an optional port number. If you specify the connection name as an IPv6 address, only systems that are running WebSphere MQ Version 6.0 or later with an IPv6 stack are able to resolve this address. If the authentication information object is part of the queue manager's CRL namelist, ensure that any clients that are using the client channel table that is generated by the queue manager are capable of resolving the connection name. On z/OS, to use a connection name that resolves to an IPv6 network address, the level of z/OS must support IPv6 for connecting to an LDAP server. CONNAME
User ID Type the Distinguished Name of the user who is accessing the LDAP server, with the following limitations:
  • On OS/400®, UNIX, and Windows, the maximum length is 1024 characters.
  • On z/OS, the maximum length is 256 characters.
  • If you use asterisks (*) in the user name, they are treated as literal characters, and not as wild cards, because the LDAP user ID is a specific name and not a string used for matching.
LDAPUSER
Password Type the password that is associated with the Distinguished Name of the user who is accessing the LDAP server. The maximum length is 32 characters. LDAPPWD

Statistics page

The following table lists the attributes that you can set on the Statistics page of the CRL LDAP Authentication Information properties dialog. The Statistics page displays information about the history of the authentication information object. You cannot edit the values of any of these attributes.

Attribute Meaning MQSC parameter
Alteration date Read-only. This is the date on which the process definition's attributes were last altered. ALTDATE
Alteration time Read-only. This is the time at which the process definition's attributes were last altered. ALTTIME