Configure MQMFTCredentials.xml
If Managed File Transfer is configured with security enabled, connection authentication requires all Managed File Transfer commands that connect with a queue manager to supply user ID and password credentials. We can either apply the required parameters for each command, or define an MFT credentials file.
By default, the MFT credentials
file is located, on:
- UNIX platforms and Linux
- $HOME
- Windows
- %USERPROFILE% or %HOMEDRIVE%%HOMEPATH%
The MFT credentials file requires the following permission:
- UNIX platforms and Linux
-
chown <agent owner userid> chmod 600
- Windows
- Firstly by ensuring that inheritance is not enabled, and then removing all user Ids except the agent owner.
The MFT credentials file, MQMFTCredentials.xml contains credential information in XML format and defined either as clear text or obfuscated text. The elements in the MQMFTCredentials.xml file must conform to the MQMFTCredentials.xsd schema. For information about the format of MQMFTCredentials.xml, see MFT credentials file format. We can have one MFT credentials file for the coordination queue manager, one for the command queue manager, one for each agent, and one for each logger.
On z/OSĀ®, a member of a partitioned data set can be used for storing the MQMFTCredentials.xml file.
The credential details used to connect to a Managed File Transfer coordination queue manager, in the Managed File Transfer plug-in for IBM MQ Explorer, depends on the type of configuration:
- Global (configuration on local disk)
- A global configuration uses the credentials file specified in the coordination and command properties.
- Local (defined within IBM MQ Explorer):
- A local configuration uses the properties of the connection details of the associated queue manager in IBM MQ Explorer.