MQS_REPORT_NOAUTH environment variable can be used to better diagnose return code 2035 (MQRC_NOT_AUTHORIZED)

Technote (FAQ)


What is the purpose of the MQS_REPORT_NOAUTH environment variable in WebSphere MQ?


The MQS_REPORT_NOAUTH environment variable can be used to help diagnose authorization problems, such as:


This environment variable was introduced in WebSphere MQ V5.3 Fix Pack 12, MQ V6.0.1.0 and MQ V7.0.0.0.


  1. Export the environment variable. The value does NOT matter. The code just checks for the environment variable to be defined.
    OpenVMS: define/sys MQS_REPORT_NOAUTH TRUE
  2. Start of the queue manager.
  3. Recreate the authorization failure.
  4. Browse the queue manager error log; looking for AMQ8077.

Usage Notes
  • The environment variable can be added in the .profile or .bashrc file for the user "mqm".
  • You must export this environment variable prior to starting the queue manager. The value is ignored, but it is a good practice to use a value that indicates that it is set, such as TRUE.
  • In MQ 7.1, if you find that the error logs contain many instances of AMQ8077, then you have the option to disable this generation by unsetting the variable.
  • To disable the reporting, unset the environment variable and restart the queue manager.
    Windows: set MQS_REPORT_NOAUTH=
    OpenVMS: deassign/sys MQS_REPORT_NOAUTH

Expected output
When this variable is exported, and the queue manager detects an authorization problem, then the queue manager writes the following message in queue manager error log:

AMQ8077: Entity '<insert one>' has insufficient authority to access object '<insert two>'.
The specified entity is not authorized to access the required object. The following requested permissions are unauthorized: <insert three>
Ensure that the correct level of authority has been set for this entity against the required object, or ensure that the entity is a member of a privileged group.

++ Exception:
When the UserId against which the authorization check is made, is not available on the system, then:

MQ V7.1: Message AMQ8077 is written into the log.

MQ V7.0: No messages are written to the error log. That is, AMQ8077 or AMQ9209 are not written in the log.

MQ V5.3, MQ V6.0: No AMQ8077 message is written to the error log. However, the following error message may be recorded:
AMQ9209: Connection to host 'ipAddress' closed.

If you want to capture the occurrence of this situation, the environment variable MQSAUTHERRORS can be used, which generates FDC files related to the return code 2035. For more details see:

Using MQSAUTHERRORS to generate FDC files related to RC 2035 (MQRC_NOT_AUTHORIZED)

++ Related technote

Using the MQS_REPORT_NOAUTH environment variable on IBMi

Related information

A Japanese translation is available

Product Alias/Synonym

WebSphere MQ WMQ

Rate this page:

(0 users)Average rating

Add comments

Document information

More support for:

WebSphere MQ

Software version:

5.3, 6.0, 7.0, 7.1, 7.5

Operating system(s):

AIX, HP-UX, Linux, OpenVMS, Solaris, Windows

Reference #:


Modified date:


Translate my page

Machine Translation

Content navigation