mqsisetdbparms command

Use the mqsisetdbparms command to associates a specific user ID and password with one or more resources in your broker domain.

Supported platforms

  • Windows®
  • Linux® and UNIX® systems
  • z/OS®. Run this command by customizing and submitting BIPSDBP.

Purpose

The user ID and password pair is created in the DSN folder under the broker's registry folder.

This command does not run if the broker is running. You must stop the broker before you run this command.

The mqsisetdbparms command does not apply to the broker databases. Therefore, you cannot use this command to override the broker data source name.

Syntax

Create

Alter

Delete

Parameters

BrokerName
(Required) The name of the broker for which settings are to be created, altered, or deleted.
Start of change-n ResourceNameEnd of change
(Required) This parameter identifies one of the following resources:
  • The data source for which the user ID and password pair are to be created or modified.
    Data source names are used by the following nodes:
    • Compute
    • Database
    • DataDelete
    • DataInsert
    • DataUpdate
    • Filter
    • Mapping
    • Warehouse
    If you use the same DSN in multiple nodes to refer to the same database instance, the same user ID and password combination is used.
  • The name of the security identity that is used to authenticate a connection to a JMS or JNDI resource. The ResourceName takes the form jms::secId or jndi::secId, where secId is specified as the value
  • Start of changeThe name of the security identity that is used to authenticate an SMTP server.End of change
  • Start of changeThe name of the security identity that is used to authenticate a broker keystore.End of change
  • Start of changeThe name of the security identity that is used to authenticate an LDAP directory.End of change
  • Start of changeThe name of the security identity that is used to authenticate a WSRR configurable service.End of change
Start of change-u UserIdEnd of change
Start of change(Required for Create connection; Optional for Alter) The user ID to be associated with this resource.End of change
Start of change-p PasswordEnd of change
Start of change(Required for Create and Alter) The password to be associated with this resource.

For compatibility with existing systems, you can still specify <password>. However, if you do not specify a password with this parameter when you run the command, you are prompted to enter a password during its invocation, and to enter the password a second time to verify that you have entered it correctly.

End of change
-d
(Required for Delete) This parameter deletes the user ID and password pair for this resource from the registry.

Authorization

On Windows systems, the user ID that is used to run this command must have Administrator authority on the local system.

On Linux and UNIX systems, the user ID that is used to run this command must be a member of the mqbrkrs group.

On z/OS, the user ID that is used to run this command must be a member of a group that has READ and WRITE access to the component directory.

Ensure that the registry is appropriately secured to prevent unauthorized access. mqsisetdbparms is not required for correct operation of the broker. However, if the broker administrator does not assign specific user IDs and passwords to specific resources, the broker user ID (and password on Windows and UNIX systems) is used. The password is not stored in clear text in the file system.

Examples

Data source names

The following examples show the usage of the command without the additional Universal Record Identifier (URI):
mqsisetdbparms WBRK_BROKER -n MQBroker1 -u MQUserId -p password
mqsisetdbparms WBRK_BROKER -n MQBroker1 -d

JMS and JNDI resource names

The following examples show the use of the command when the URI for a JMS or JNDI resource name is substituted for the ResourceName that is associated with the -n parameter.

For a JMS resource, the prefix is "jms::"; for JNDI, the prefix is "jndi::".

On Linux and UNIX systems, if the parameter string includes a back slash (\) character, you must escape from this character by using a second back slash character (\\) when you enter the mqsisetdbparms command.

For example, to specify a user ID of myuserid and password secret for JMS topic connection factory tcf1 in broker MyBroker1, use the following syntax:
mqsisetdbparms MyBroker1 -n jms::tcf1 -u myuserid -p secret
Similarly, to specify the same security for a JNDI initial context com.sun.jndi.fscontext.RefFSContextFactory, enter the following command:
mqsisetdbparms MyBroker1 -n jndi::com.sun.jndi.fscontext.RefFSContextFactory 
     -u myuserid -p secret

JMS node account names

The preceding examples describe how to configure security for JMS and JNDI resources for all JMS nodes that use those resources in a broker.

To increase the degree of control that you have in the security of JMS nodes, you can associate a resource with an account name. The account name itself comprises the message flow name concatenated with the node label by means of the underscore character "_", that is:
            Message Flow Name_Node label
For example, where the message flow name is MyJMSFlow1, and you require a specific user ID and password for JMSInput node MyJMSInput1, the resulting account name is:
             MyJMSFlow1_MyJMSInput1
You can then use the account name string in the ResourceName option of the mqsisetdbparms command by prefixing the account name with the resource type, and concatenating the account name with an at sign (@) character followed by the resource name itself:
            <resource type><account name>@<resource name>
Therefore, assuming a JMS resource name of tcf1, used by JMSInput node MyJMSInput1 in message flow MyJMSFlow1, the following ResourceName is used:
            jms::MyJMSFlow1_MyJMSInput1@tcf1
Specifying a user ID of myuserid, a password of secret, a broker name of MyBroker1, and the ResourceName name created from the account name, as described previously, use the following syntax:
mqsisetdbparms MyBroker1 -n jms::MyJMSFlow1_MyJMSInput1@tcf1
                 -u myuserid -p secret
Notices | Trademarks | Downloads | Library | Support | Feedback

Copyright IBM Corporation 1999, 2009Copyright IBM Corporation 1999, 2009.
Last updated : 2009-01-07 15:22:35

an09155_