Fixes are available
APAR status
Closed as program error.
Error description
If a security exit is used that updates the SecurityId field of a channel definition, a FDC with the following information may be generated: Probe Id :- XY314146 Component :- xcsTimedLookupAccountSid Probe Description :- AMQ6119: An internal WebSphere MQ error has occurred (WinNT error 87 from LookupAccountSid.) Comment1 :- WinNT error 87 from LookupAccountSid. Comment2 :- The parameter is incorrect. MQM Function Stack zlaMainThread zlaProcessMessage zlaProcessSPIRequest zlaSPIInquireQueueStatus zsqSPIInquireQueueStatus kqiInquireQueueHandleStatus xcsTimedLookupAccountSid xcsFFST
Local fix
Problem summary
**************************************************************** USERS AFFECTED: All Windows users who have replacement OAMs plus security exits on their channels. Platforms affected: Windows **************************************************************** PROBLEM SUMMARY: When an application connects, some context is stored about the userid, and on Windows this includes the SID (security id). On Windows, MQ may use the SID to retrieve the userid if it can. In a setup where the user context is changed by a user exit such that the securityId is overridden, and a user replacement OAM modifies the accounting token so it no longer contains a SID, WebSphere MQ does not have a valid SID to work with and hence stores nulls for the associated SID. When querying the qstatus type(handle), Websphere MQ attempts to resolve the SID into a userid, but in the case where it is no longer valid an FDC is cut showing invalid parameter, and trace shows the parameter is all nulls.
Problem conclusion
WebSphere MQ has been modified to prevent the looking up of a SID during the display qstatus type(handle) processing, if the SecurityId is no longer a valid SID. --------------------------------------------------------------- The fix is targeted for delivery in the following PTFs: v7.0 Platform Fix Pack 7.0.1.4 -------- -------------------- Windows U200323 The latest available maintenance can be obtained from 'WebSphere MQ Recommended Fixes' http://www-1.ibm.com/support/docview.wss?rs=171&uid=swg27006037 If the maintenance level is not yet available, information on its planned availability can be found in 'WebSphere MQ Planned Maintenance Release Dates' http://www-1.ibm.com/support/docview.wss?rs=171&uid=swg27006309 ---------------------------------------------------------------
Temporary fix
Comments
APAR Information
APAR number
IC70076
Reported component name
WMQ WINDOWS V7
Reported component ID
5724H7220
Reported release
701
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2010-07-21
Closed date
2010-07-28
Last modified date
2010-07-28
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WMQ WINDOWS V7
Fixed component ID
5724H7220
Applicable component levels
R701 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSDEZSF","label":"IBM WebSphere MQ Managed File Transfer for z\/OS"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0.1","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
31 March 2023