Authority to administer WebSphere MQ on i5/OS
To be a WebSphere MQ administrator on i5/OS(TM), you must be a member of the QMQMADM group. This group has properties similar to those of the mqm
group on UNIX(R) and Windows(R) systems. In particular, the QMQMADM group is
created when you install WebSphere MQ for iSeries, and members of the QMQMADM group have access
to all WebSphere MQ resources on the system. You also have access to all WebSphere MQ resources
if you have *ALLOBJ authority.
Administrators can use CL commands to administer WebSphere MQ. One of these
commands is GRTMQMAUT, which is used to grant authorities to other users. Another command, STRMQMMQSC,
enables an administrator to issue MQSC commands to a local queue manager.
There are two groups of CL command provided by WebSphere MQ for iSeries:
- Group 1
- To issue a command in this category, a user must be a member of the
QMQMADM group or have *ALLOBJ authority. GRTMQMAUT and STRMQMMQSC belong to
this category, for example.
- Group 2
- To issue a command in this category, a user does not need to be a member
of the QMQMADM group or have *ALLOBJ authority. Instead, two levels of authority
are required:
- The user requires i5/OS authority to use the command. This authority is granted
by using the GRTOBJAUT command.
- The user requires WebSphere MQ authority to access any WebSphere MQ object associated
with the command. This authority is granted by using the GRTMQMAUT command.
The following are examples of commands in this group:
- CRTMQMQ, Create MQM Queue
- CHGMQMPRC, Change MQM Process
- DLTMQMNL, Delete MQM Namelist
- DSPMQMAUTI, Display MQM Authentication Information
- CRTMQMCHL, Create MQM channel
For more information about this group of commands, see Authority to work with WebSphere MQ objects.
For more information about the authority you need to administer WebSphere MQ on i5/OS, see WebSphere MQ for iSeries V6 System Administration Guide.