The parameter descriptions also apply to the ALTER AUTHINFO command, with the following exceptions:
The name must not be the same as any other authentication information object name currently defined on this queue manager (unless REPLACE or ALTER is specified). See Rules for naming WebSphere MQ objects.
This parameter is valid only on the DEFINE AUTHINFO command.
CMDSCOPE must be blank, or the local queue manager, if QSGDISP is set to GROUP.
You can specify a queue manager name other than the queue manager on which it was entered, only if you are using a shared queue environment and if the command server is enabled.
If you specify the connection name as an IPv6 address, only systems with an IPv6 stack are able to resolve this address. If the AUTHINFO object is part of the queue manager's CRL namelist, ensure that any clients using the client channel table generated by the queue manager are capable of resolving the connection name.
On z/OS, if a CONNAME is to resolve to an IPv6 network address, a level of z/OS that supports IPv6 for connection to an LDAP server is required.
The syntax for CONNAME is the same as for channels. For example,
conname('hostname(nnn)')
where nnn is the port number. If nnn is not provided, the default port number 389 is used.
The maximum length for the field is 264 characters on i5/OS, UNIX systems, and Windows, and 48 characters on z/OS.
It should contain only displayable characters. The maximum length is 64 characters. In a DBCS installation, it can contain DBCS characters (subject to a maximum length of 64 bytes).
The default value is blank. On z/OS, the LDAPPWD used for accessing the LDAP server may not be the one defined in the AUTHINFO object. If more than one AUTHINFO object is placed in the namelist referred to by the QMGR parameter SSLCRLNL, the LDAPPWD in the first AUTHINFO object is used for accessing all LDAP Servers.
The maximum size for the user name is 1024 characters on i5/OS, UNIX systems, and Windows, and 256 characters on z/OS.
On z/OS, the LDAPUSER used for accessing the LDAP Server may not be the one defined in the AUTHINFO object. If more than one AUTHINFO object is placed in the namelist referred to by the QMGR parameter SSLCRLNL, the LDAPUSER in the first AUTHINFO object is used for accessing all LDAP Servers.
On i5/OS, UNIX systems, and Windows, the maximum accepted line length is defined to be BUFSIZ, which can be found in stdio.h.
If this field is not filled in, and you do not complete the parameter fields related to the command, the values are taken from the default definition for an object of this type. This is equivalent to specifying LIKE(SYSTEM.DEFAULT.AUTHINFO.CRLLDAP).
This default authentication information object definition can be altered by the installation to the default values required.
On z/OS, the queue manager searches for an object with the name you specify and a disposition of QMGR or COPY. The disposition of the LIKE object is not copied to the object you are defining.
This parameter is valid only on the DEFINE AUTHINFO command.
Specifies the disposition of the object to which you are applying the command (that is, where it is defined and how it behaves).
QSGDISP | ALTER | DEFINE |
---|---|---|
COPY | The object definition resides on the page set of the queue manager that executes the command. The object was defined using a command that had the parameters QSGDISP(COPY). Any object residing in the shared repository, or any object defined using a command that had the parameters QSGDISP(QMGR), is not affected by this command. | The object is defined on the page set of the queue manager that executes the command using the QSGDISP(GROUP) object of the same name as the 'LIKE' object. |
GROUP | The object definition resides in the shared repository.
The object was defined using a command that had the parameters QSGDISP(GROUP).
Any object residing on the page set of the queue manager that executes the
command (except a local copy of the object) is not affected by this command.
If the command is successful, the following command is generated and sent to all active queue managers in the queue-sharing group to attempt to refresh local copies on page set zero: DEFINE AUTHINFO(name) REPLACE QSGDISP(COPY)The ALTER for the group object takes effect regardless of whether the generated command with QSGDISP(COPY) fails. |
The object definition resides in the shared repository.
This is allowed only if the queue manager is in a queue-sharing group.
If the definition is successful, the following command is generated and sent to all active queue managers in the queue-sharing group to make or refresh local copies on page set zero: DEFINE AUTHINFO(name) REPLACE QSGDISP(COPY)The DEFINE for the group object takes effect regardless of whether the generated command with QSGDISP(COPY) fails. |
PRIVATE | The object resides on the page set of the queue manager
that executes the command, and was defined with QSGDISP(QMGR) or QSGDISP(COPY).
Any object residing in the shared repository is unaffected. |
Not permitted. |
QMGR | The object definition resides on the page set of the queue
manager that executes the command. The object was defined using a command
that had the parameters QSGDISP(QMGR). Any object residing in the shared repository,
or any local copy of such an object, is not affected by this command.
This is the default value. |
The object is defined on the page set of the queue manager
that executes the command.
This is the default value. |
This parameter is valid only on the DEFINE AUTHINFO command.
Notices |
Downloads |
Library |
Support |
Feedback
![]() ![]() |
csqzaj1034 |