Home
Preventing security access checks
If you decide that you do not want to perform security checks (for example, in a test environment), we can disable the OAM in one of two ways:
- Set the operating system environment variable MQSNOAUT as follows, before you create a queue manager (if you do this, we cannot add an OAM later):
On Windows systems:
SET MQSNOAUT=yesOn UNIX systems:
export MQSNOAUT=yes- Use the WebSphere MQ Explorer or edit the queue manager configuration file to remove the service. (if you do this, we cannot add an OAM later)
If you use setmqaut, or dspmqaut, while the OAM is disabled, the following will occur:
- The OAM will not validate the specified principal, or group, meaning the command will accept invalid values.
- The OAM will not perform security checks and will indicate that all principals, and groups, are authorized to perform all applicable object operations.
When an OAM is removed, it cannot be put back on an existing queue manager. This is because the OAM needs to be in place at object creation time. To use the WebSphere MQ OAM again after it has been removed, the queue manager needs to be rebuilt.
Parent topic:
Using the OAM to control access to objects
fa13260_
Home