WebSphere® MQ has a component, running as a Windows® DCOM process, that checks that any user account attempting to access WebSphere MQ is authorized. As part of the check, the component must confirm that the account belongs to a group that is a member of the local mqm group, such as DOMAIN\domain mqm. The component itself by default runs under a local user account (MUSR_MQADMIN) that WebSphere MQ creates at installation.
If any domain controller on your network is running on Windows 2000 or Windows 2003, that domain can be set up so that local user accounts do not have authority to query the group membership of its domain user accounts. Such a setup prevents WebSphere MQ from completing its check, and access fails. To resolve this, each installation of WebSphere MQ on the network must be configured to run its service under a domain user account that has the required authority. See Creating and setting up Windows 2000 and Windows 2003 domain accounts for WebSphere MQ for instructions on creating a suitable domain account.
Notices |
Downloads |
Library |
Support |
Feedback
![]() ![]() |
amqtac0568 |