Authority (AUT)

Specifies the authority being reset or taken away from the users specified in the USER parameter. You can specify values for AUT as a list of specific and general authorities in any order, where the general authorities can be:

*REMOVE, which deletes the profile. It is not the same as *ALL, because *ALL leaves the profile in existence with no authorities. *REMOVE cannot be specified with user QMQMADM unless the object is a generic profile.

*ALL, which confers all authorities to the specified users.

*ALLADM, which confers all of *ADMCHG, *ADMCLR, *ADMCRT, *ADMDLT, *ADMDSP, *CTRL and *CTRLX.

*ALLMQI, which confers all of *ALTUSR, *BROWSE, *CONNECT, *GET, *INQ, *PUT, and *SET.

Authorizations for different object types

*ALL
All authorizations. Applies to all objects.
*ADMCHG
Change an object. Applies to all objects.
*ADMCLR
Clear a queue. Applies to queues only.
*ADMCRT
Create an object. Applies to all objects.
*ADMDLT
Delete an object. Applies to all objects.
*ADMDSP
Display the attributes of an object. Applies to all objects.
*ALLADM
Perform administration operations on an object. Applies to all objects.
*ALLMQI
Use all MQI calls applicable to an object. Applies to all objects.
*ALTUSR
Allow another user's authority to be used for MQOPEN and MQPUT1 calls. Applies to queue manager objects only.
*BROWSE
Retrieve a message from a queue by issuing an MQGET call with the BROWSE option. Applies to queue objects only.
*CONNECT
Connect the application to a queue manager by issuing an MQCONN call. Applies to queue manager objects only.
*CTRL
Control startup and shutdown of channels, listeners and services.
*CTRLX
Reset sequence number and resolve indoubt channels.
*GET
Retrieve a message from a queue using an MGET call. Applies to queue objects only.
*INQ
Make an inquiry on an object using an MQINQ call. Applies to all objects.
*PASSALL
Pass all context on a queue. Applies to queue objects only.
*PASSID
Pass identity context on a queue. Applies to queue objects only.
*PUT
Put a message on a queue using an MQPUT call. Applies to queue objects only.
*SET
Set the attributes of an object using an MQSET call. Applies to queue, queue manager, and process objects only.
*SETALL
Set all context on an object. Applies to queue and queue manager objects only.
*SETID
Set identity context on an object. Applies to queue and queue manager objects only.

Authorizations for MQI calls

*ALTUSR
Allow another user's authority to be used for MQOPEN and MQPUT1 calls.
*BROWSE
Retrieve a message from a queue by issuing an MQGET call with the BROWSE option.
*CONNECT
Connect the application to the specified queue manager by issuing an MQCONN call.
*GET
Retrieve a message from a queue by issuing an MQGET call.
*INQ
Make an inquiry on a specific queue by issuing an MQINQ call.
*PUT
Put a message on a specific queue by issuing an MQPUT call.
*SET
Set attributes on a queue from the MQI by issuing an MQSET call.

If you open a queue for multiple options, you must be authorized for each of them.

Authorizations for context

*PASSALL
Pass all context on the specified queue. All the context fields are copied from the original request.
*PASSID
Pass identity context on the specified queue. The identity context is the same as that of the request.
*SETALL
Set all context on the specified queue. This is used by special system utilities.
*SETID
Set identity context on the specified queue. This is used by special system utilities.

Authorizations for MQSC and PCF commands

*ADMCHG
Change the attributes of the specified object.
*ADMCLR
Clear the specified queue (PCF Clear queue command only).
*ADMCRT
Create objects of the specified type.
*ADMDLT
Delete the specified object.
*ADMDSP
Display the attributes of the specified object.
*CTRL
Control startup and shutdown of channels, listeners and services.
*CTRLX
Reset sequence number and resolve indoubt channels.

Authorizations for generic operations

*ALL
Use all operations applicable to the object.
*ALLADM
Perform all administration operations applicable to the object.
*ALLMQI
Use all MQI calls applicable to the object.
*REMOVE
Delete the authority profile to the specified object.