mqsideleteaclentry command

Supported platforms

Purpose

Use the mqsideleteaclentry command to delete the Configuration Manager database table relating to the group or user access control lists that you have defined.

Syntax

Windows

Linux and UNIX systems

z/OS console command

Synonym: da

Parameters

You must select either -f or
  • -g or -u, and
  • -b and -e or -s or -r or -t or -p

If you select -u you must select either -m or -a

configmgrName
(Optional - Windows. Required - Linux and UNIX systems.) The name of the Configuration Manager from which the access control lists are to be deleted.

On Linux and UNIX systems this must be the first parameter specified. It is case-sensitive on Linux and UNIX systems. On z/OS this parameter is implicit because you specify the component you want to MODIFY.

The default name on Windows, if this parameter is not specified, is 'ConfigMgr'.

-ncfgParameterFilename
(Optional) The name of a .configmgr file that describes the connection parameters to the Configuration Manager.
The file is in XML, using the .configmgr format saved by the workbench. For example:
<?xml version="1.0" encoding="UTF-8"?>
<configmgr host="localhost" listenerPort="1414" queueManager="QNAME"
           securityExit="test.myExit"/>
If you are using this file on z/OS you must remove the statement encoding="UTF-8" from the first line, to leave the statement as:
<?xml version="1.0"?>
and remove the value for the host attribute, to leave the statement as:
<configmgr host="" listenerPort="1414" queueManager="QNAME"
           securityExit="test.myExit"/>
-f FileName
(Optional) File from which to import the configuration. The output of the mqsilistaclentry command is the correct format.
-g GroupName
(Optional) Group to which this entry refers. For this reason, the name must adhere to the standard platform convention for group names.
-u UserName
(Optional) User name to which this entry refers, for example, TEST\ANOTHER.
-m MachineName
(Optional) The name of the machine from which a specified user can connect. This option can not be used with -a.
-a
(Optional) This signifies that the specified user name can be on any machine. This option can not be used with -m.
Note: If you select -u, you must select either -a or -m.
-b Broker
(Optional) The object is a broker object, and its name is specified as a parameter.
-e ExeGroup
(Optional) The object is an execution group and its name is specified as a parameter of the form Broker\ExeGroup. You must specify the b flag if you specify this flag.
-s
(Optional) The object is a subscription object, and its name is specified as a parameter.
-r
(Optional) The object refers to the root topic.
-t
(Optional) The object refers to the main topology.
-p
(Optional) The object refers to the "allresources" resource type. The authority that the principal has for this object applies to all objects, including the mqsicreateaclentry, mqsideleteaclentry, and mqsilistaclentry commands themselves.
-w waitTime
(Optional) The time in seconds that the command waits for a response from the Configuration Manager. If you do not supply a value the command waits for 30 seconds.

Authorization

The user ID used to invoke this command must have full control permissions for the object being changed; see ACL permissions for more information.

Start of changeWhen z/OS commands are run through the console, they effectively run as the Configuration Manager's started-task ID. This means that the commands inherit a Full Control root ACL and you can carry out any operation.End of change

Start of changeIf you submit a console command to the Configuration Manager you can change any ACL for that Configuration Manager.End of change

Examples

Start of changeWindows, Linux, and UNIX systems:
mqsideleteaclentry CMGR01 -f c:\test\mylist 
mqsideleteaclentry CMGR01 -g GROUPA -b MYBROKER
End of change
Start of changez/OS. Note, that on z/OS you must use a comma between each command option. The following example shows the z/OS version of the preceding Windows, Linux, and UNIX systems example:
 /f CMGR01, da g='GROUPA', b='MYBROKER'
End of change
Related concepts
Security overview
Related tasks
Database security