MQ8/9 Authenticated Setup
To enable username/password authentication on the queue manager, the changes below need to be made to the queue manager configuration.
Note: The CHLAUTH(DISABLED) command below is required to disable the IP address filtering on CLIENT channels that MQ has enabled by default. Disabling CHLAUTH does not disable username/password checks.
The commands below are MQ 'runmqsc' commands that need to be executed by an MQ privileged user, like the 'mqm' user.
ALTER QMGR CONNAUTH(USE.PW) CHLAUTH(DISABLED)
ALTER AUTHINFO(USE.PW) +
AUTHTYPE(IDPWOS) +
FAILDLAY(10) +
CHCKLOCL(OPTIONAL) +
CHCKCLNT(REQUIRED)
REFRESH SECURITY TYPE(CONNAUTH)
MQ8/9 Un-Authenticated Setup
To disable the security on the SVRCONN channels execute the following runmqsc commands below.
Note: This should only be performed in DEV for testing purposes.
ALTER AUTHINFO('SYSTEM.DEFAULT.AUTHINFO.IDPWOS') AUTHTYPE(IDPWOS) CHCKCLNT(OPTIONAL)
REFRESH SECURITY TYPE(CONNAUTH)
ALTER QMGR CHLAUTH(DISABLED)