IBM Integration Bus, Version 10.0.0.2 Operating Systems: AIX, HP-Itanium, Linux, Solaris, Windows, z/OS


Users and Citrix

Review the categories of user that might want to use with Citrix, and how to configure for concurrent multi-users.

Categories of user

The following categories of user exist:
Application developers
These users do not need to run mqsi commands, but must be placed in an access control list (ACL) before they can use an integration node. Put these users only in the user list for publishing IBM® Integration Toolkit.
Administrators
If you use Citrix to publish the IBM Integration Toolkit and the IBM Integration Bus command console, put all administrators in the users lists for both applications. For information about the permissions that administrators need, see Security requirements for administrative tasks.

You can create Windows groups that correspond to the application developer and administrator categories, put the groups in the appropriate user lists, then allocate users to the relevant Windows group. Alternatively, you can give appropriate permissions directly to the user.

Make all users members of the Remote Desktop Users group, so that they can use Terminal Server.

Attention: Users who have access to the IBM Integration Bus command console through Citrix can use the console to run other commands that are unrelated to the integration node.

For information about the rights of groups such as mqm, mqbrkrs, and Administrators, see Security requirements for Windows systems.

Concurrent multi-users

Allowing multiple concurrent users to access IBM Integration Bus by Citrix on a Windows server requires the same planning as allowing multiple concurrent users to access the IBM Integration Bus on a Linux or UNIX server. For example:
  • All application developers should have their own integration server, so that they can deploy message flows and start and stop integration servers without conflicting with each other during development and testing. However, an exection group might be administered by more than one administrator. In these cases, administrators should coordinate their activities so that they do not conflict with each other. For example, when one administrator is starting an integration server, no one else should be trying to stop it.
  • All users should have their own workspace. The Windows system administrator should give each user the appropriate read and write permissions for the directory that corresponds to their workspace.

ah60375_.htm | Last updated 2015-09-24 12:52:46