Home
Installable services
There are significant implications to changing installable services and their components. For this reason, the installable services are read-only in the WebSphere MQ Explorer. To change installable services in on Windows systems, use regedit or on UNIX systems use the Service stanza in the qm.ini file.
For each component within a service, also specify the name and path of the module containing the code for that component. On UNIX systems, use the ServiceComponent stanza for this.
- Name=AuthorizationService|NameService
- The name of the required service.
- AuthorizationService
- For WebSphere MQ, the Authorization Service component is known as the Object Authority Manager, or OAM.
The AuthorizationService stanza and its associated ServiceComponent stanza are added automatically when the queue manager is created. Add other ServiceComponent stanzas manually.
- NameService
- No name service is provided by default. If you require a name service, add the NameService stanza manually.
- EntryPoints=number-of-entries
- The number of entry points defined for the service. This includes the initialization and termination entry points.
- SecurityPolicy=Default|NTSIDsRequired (WebSphere MQ for Windows only)
- The SecurityPolicy attribute applies only if the service specified is the default authorization service, that is, the OAM. The SecurityPolicy attribute allows you to specify the security policy for each queue manager. The possible values are:
- Default
- Use the default security policy to take effect. If a Windows security identifier (NT SID) is not passed to the OAM for a particular user ID, an attempt is made to obtain the appropriate SID by searching the relevant security databases.
- NTSIDsRequired
- Pass an NT SID to the OAM when performing security checks.
See Windows security identifiers (SIDs) for more information.
- SharedBindingsUserId=user-type
- The SharedBindingsUserId attribute applies only if the service specified is the default authorization service, that is, the OAM. The SharedBindingsUserId attribute is used with relation to shared bindings only. This value allows you to specify whether the UserIdentifier field in the IdentityContext structure, from the MQZ_AUTHENTICATE_USER function, is the effective user Id or the real user Id. For information on the MQZ_AUTHENTICATE_USER function, see MQZ_AUTHENTICATE_USER – Authenticate user. The possible values are:
- Default
- The value of the UserIdentifier field is set as the real user Id.
- Real
- The value of the UserIdentifier field is set as the real user Id.
- Effective
- The value of the UserIdentifier field is set as the effective user Id.
- FastpathBindingsUserId=user-type
- The FastpathBindingsUserId attribute applies only if the service specified is the default authorization service, that is, the OAM. The FastpathBindingsUserId attribute is used with relation to fastpath bindings only. This value allows you to specify whether the UserIdentifier field in the IdentityContext structure, from the MQZ_AUTHENTICATE_USER function, is the effective user Id or the real user Id. For information on the MQZ_AUTHENTICATE_USER function, see MQZ_AUTHENTICATE_USER – Authenticate user. The possible values are:
- Default
- The value of the UserIdentifier field is set as the real user Id.
- Real
- The value of the UserIdentifier field is set as the real user Id.
- Effective
- The value of the UserIdentifier field is set as the effective user Id.
- IsolatedBindingsUserId =user-type
- The IsolatedBindingsUserId attribute applies only if the service specified is the default authorization service, that is, the OAM. The IsolatedBindingsUserId attribute is used with relation to isolated bindings only. This value allows you to specify whether the UserIdentifier field in the IdentityContext structure, from the MQZ_AUTHENTICATE_USER function, is the effective user Id or the real user Id. For information on the MQZ_AUTHENTICATE_USER function, see MQZ_AUTHENTICATE_USER – Authenticate user. The possible values are:
- Default
- The value of the UserIdentifier field is set as the effective user Id.
- Real
- The value of the UserIdentifier field is set as the real user Id.
- Effective
- The value of the UserIdentifier field is set as the effective user Id.
For more information about installable services and components, see Installable services and components.
For more information about security services in general, see WebSphere MQ security.
Parent topic:
Changing queue manager configuration information
fa12620_
Home