Domain awareness for Message Brokers Toolkit users on Windows

If you enable domain awareness, access to the Message Brokers Toolkit is not restricted to users from one Windows® domain.

The Configuration Manager is always domain aware; when a Configuration Manager on Windows receives user information, it verifies the user's domain membership.

You can configure the Message Brokers Toolkit to send domain aware information about the user to the Configuration Manager, if required. If the user is logged on to a Windows domain and the Message Brokers Toolkit sends domain aware information, the Message Brokers Toolkit sends the user's domain membership information and the user's ID. If the user is not logged on to a Windows domain, the Message Brokers Toolkit sends only the user's ID and the computer name.

If you enable domain awareness, users from different Windows domains, who are either trusted by the primary domain, or in a Windows transitive trust relationship, can perform Message Brokers Toolkit tasks, provided that they are in the correct user role definition groups or object level security groups.

When using domain awareness:
Related concepts
Security overview
Related tasks
Considering security for a Configuration Manager
Considering security for the workbench
Related reference
Security requirements for administrative tasks
Notices | Trademarks | Downloads | Library | Support | Feedback

Copyright IBM Corporation 1999, 2009Copyright IBM Corporation 1999, 2009. All Rights Reserved.
Last updated : 2009-01-07 15:41:01

ap18220_