-
For DEFINE commands, MQZAO_DISPLAY authority is also needed for
the LIKE object if one is specified, or on the appropriate SYSTEM.DEFAULT.xxx
object if LIKE is omitted.
-
The MQZAO_CREATE authority is not specific to a particular object
or object type. Create authority is granted for all objects for a specified
queue manager, by specifying an object type of QMGR on the GRTMQAUT command.
-
This applies if the object to be replaced already exists. If
it does not, the check is as for DEFINE object NOREPLACE.
Authorizations for PCF commands
This section summarizes the authorizations needed for each PCF command.
No check means that no authorization checking is
carried out; Not applicable means that authorization
checking is not relevant to this operation.
The user ID under which the program that submits the command is running
must also have the following authorities:
- MQZAO_CONNECT authority to the queue manager
- DISPLAY authority on the queue manager in order to perform PCF commands
The special authorization MQZAO_ALL_ADMIN includes the following authorizations:
- MQZAO_CHANGE
- MQZAO_CLEAR
- MQZAO_DELETE
- MQZAO_DISPLAY
- MQZAO_CONTROL
- MQZAO_CONTROL_EXTENDED
MQZAO_CREATE is not included as it is not specific to a particular object
or object type
- Change object
-
| Object
| Authorization required
|
| Queue
| MQZAO_CHANGE
|
| Process
| MQZAO_CHANGE
|
| Queue manager
| MQZAO_CHANGE
|
| Namelist
| MQZAO_CHANGE
|
| Authentication information
| MQZAO_CHANGE
|
| Channel
| MQZAO_CHANGE
|
| Client connection channel
| MQZAO_CHANGE
|
| Listener
| MQZAO_CHANGE
|
| Service
| MQZAO_CHANGE
|
- Clear Queue
-
| Object
| Authorization required
|
| Queue
| MQZAO_CLEAR
|
| Process
| Not applicable
|
| Queue manager
| Not applicable
|
| Namelist
| Not applicable
|
| Authentication information
| Not applicable
|
| Channel
| Not applicable
|
| Client connection channel
| Not applicable
|
| Listener
| Not applicable
|
| Service
| Not applicable
|
- Copy object (without replace) (1)
-
| Object
| Authorization required
|
| Queue
| MQZAO_CREATE (2)
|
| Process
| MQZAO_CREATE (2)
|
| Queue manager
| Not applicable
|
| NamelistMQZAO_CREATE
| MQZAO_CREATE (2)
|
| Authentication information
| MQZAO_CREATE (2)
|
| Channel
| MQZAO_CREATE (2)
|
| Client connection channel
| MQZAO_CREATE (2)
|
| Listener
| MQZAO_CREATE (2)
|
| Service
| MQZAO_CREATE (2)
|
- Copy object (with replace) (1, 4)
-
| Object
| Authorization required
|
| Queue
| MQZAO_CHANGE
|
| Process
| MQZAO_CHANGE
|
| Queue manager
| Not applicable
|
| Namelist
| MQZAO_CHANGE
|
| Authentication information
| MQZAO_CHANGE
|
| Channel
| MQZAO_CHANGE
|
| Client connection channel
| MQZAO_CHANGE
|
| Listener
| MQZAO_CHANGE
|
| Service
| MQZAO_CHANGE
|
- Create object (without replace) (3)
-
| Object
| Authorization required
|
| Queue
| MQZAO_CREATE (2)
|
| Process
| MQZAO_CREATE (2)
|
| Queue manager
| Not applicable
|
| Namelist
| MQZAO_CREATE (2)
|
| Authentication information
| MQZAO_CREATE (2)
|
| Channel
| MQZAO_CREATE (2)
|
| Client connection channel
| MQZAO_CREATE (2)
|
| Listener
| MQZAO_CHANGE
|
| Service
| MQZAO_CHANGE
|
- Create object (with replace) (3, 4)
-
| Object
| Authorization required
|
| Queue
| MQZAO_CHANGE
|
| Process
| MQZAO_CHANGE
|
| Queue manager
| Not applicable
|
| Namelist
| MQZAO_CHANGE
|
| Authentication information
| MQZAO_CHANGE
|
| Channel
| MQZAO_CHANGE
|
| Client connection channel
| MQZAO_CHANGE
|
| Listener
| MQZAO_CHANGE
|
| Service
| MQZAO_CHANGE
|
- Delete object
-
| Object
| Authorization required
|
| Queue
| MQZAO_DELETE
|
| Process
| MQZAO_DELETE
|
| Queue manager
| MQZAO_DELETE
|
| Namelist
| MQZAO_DELETE
|
| Authentication information
| MQZAO_DELETE
|
| Channel
| MQZAO_DELETE
|
| Client connection channel
| MQZAO_DELETE
|
| Listener
| MQZAO_DELETE
|
| Service
| MQZAO_DELETE
|
- Inquire object
-
| Object
| Authorization required
|
| Queue
| MQZAO_DISPLAY
|
| Process
| MQZAO_DISPLAY
|
| Queue manager
| MQZAO_DISPLAY
|
| Namelist
| MQZAO_DISPLAY
|
| Authentication information
| MQZAO_DISPLAY
|
| Channel
| MQZAO_DISPLAY
|
| Client connection channel
| MQZAO_DISPLAY
|
| Listener
| MQZAO_DISPLAY
|
| Service
| MQZAO_DISPLAY
|
- Inquire object names
-
| Object
| Authorization required
|
| Queue
| No check
|
| Process
| No check
|
| Queue manager
| No check
|
| Namelist
| No check
|
| Authentication information
| No check
|
| Channel
| No check
|
| Client connection channel
| No check
|
| Listener
| No check
|
| Service
| No check
|
- Ping Channel
-
| Object
| Authorization required
|
| Queue
| Not applicable
|
| Process
| Not applicable
|
| Queue manager
| Not applicable
|
| Namelist
| Not applicable
|
| Authentication information
| Not applicable
|
| Channel
| MQZAO_CONTROL
|
| Client connection channel
| Not applicable
|
| Listener
| Not applicable
|
| Service
| Not applicable
|
- Reset Channel
-
| Object
| Authorization required
|
| Queue
| Not applicable
|
| Process
| Not applicable
|
| Queue manager
| Not applicable
|
| Namelist
| Not applicable
|
| Authentication information
| Not applicable
|
| Channel
| MQZAO_CONTROL_EXTENDED
|
| Client connection channel
| Not applicable
|
| Listener
| Not applicable
|
| Service
| Not applicable
|
- Reset Queue Statistics
-
| Object
| Authorization required
|
| Queue
| MQZAO_DISPLAY and MQZAO_CHANGE
|
| Process
| Not applicable
|
| Queue manager
| Not applicable
|
| Namelist
| Not applicable
|
| Authentication information
| Not applicable
|
| Channel
| Not applicable
|
| Client connection channel
| Not applicable
|
| Listener
|
|
| Service
|
|
- Resolve Channel
-
| Object
| Authorization required
|
| Queue
| Not applicable
|
| Process
| Not applicable
|
| Queue manager
| Not applicable
|
| Namelist
| Not applicable
|
| Authentication information
| Not applicable
|
| Channel
| MQZAO_CONTROL_EXTENDED
|
| Client connection channel
| Not applicable
|
| Listener
| Not applicable
|
| Service
| Not applicable
|
- Start Channel
-
| Object
| Authorization required
|
| Queue
| Not applicable
|
| Process
| Not applicable
|
| Queue manager
| Not applicable
|
| Namelist
| Not applicable
|
| Authentication information
| Not applicable
|
| Channel
| MQZAO_CONTROL
|
| Client connection channel
| Not applicable
|
| Listener
| Not applicable
|
| Service
| Not applicable
|
- Stop Channel
-
| Object
| Authorization required
|
| Queue
| Not applicable
|
| Process
| Not applicable
|
| Queue manager
| Not applicable
|
| Namelist
| Not applicable
|
| Authentication information
| Not applicable
|
| Channel
| MQZAO_CONTROL
|
| Client connection channel
| Not applicable
|
| Listener
| Not applicable
|
| Service
| Not applicable
|
Note:
-
For Copy commands, MQZAO_DISPLAY authority is also needed for
the From object.
-
The MQZAO_CREATE authority is not specific to a particular
object or object type. Create authority is granted for all objects for a specified
queue manager, by specifying an object type of QMGR on the GRTMQAUT command.
-
For Create commands, MQZAO_DISPLAY authority is also needed for
the appropriate SYSTEM.DEFAULT.* object.
-
This applies if the object to be replaced already exists. If it
does not, the check is as for Copy or Create without replace.