Setting up the user and group on UNIX and Linux systems
On UNIX and Linux® systems, IBM® WebSphere® MQ requires a user ID of the name mqm
, with a
primary group of mqm
. The mqm
user
ID owns the directories and files that contain the resources associated
with the product.
Using Active Directory on Linux systems
If you are using Active Directory to provide centralized user and group definitions to your Linux system, it is not possible to have both an
mqm
user and mqm
group definition in Active Directory because that
service does not permit users and groups to have the same name.
- Put an
mqm
group definition in the Active Directory before installing IBM WebSphere MQ, so that other users in the directory can later be made part of the shared group definition. - Create the
mqm
user locally, or allow it to be created during the installation process.
Creating the user ID and group on UNIX and Linux systems
Set the primary group of the mqm
user to the
group mqm
.
If you are installing IBM WebSphere MQ on multiple systems you might
want to ensure each UID and GID of mqm
has the same
value on all systems. If you are planning to configure multi-instance
queue managers, it is essential the UID and GID are the same from
system to system. It is also important to have the same UID and GID
values in virtualization scenarios.
- AIX
- You can use the System Management Interface Tool ( smit), for which you require root authority.
- To create the
mqm
group, display the required window using this sequence:
Set the group name field toSecurity & Users Groups Add a Group
mqm
. - To create the user
mqm
, display the required window using this sequence:
Set the user name field toSecurity & Users Users Add a User
mqm
. - To add a password to the new user ID, display the required window
using this sequence:
Set the password as required.Security & Users Passwords Change a User's Password
- To create the
- HP-UX
- The user ID value for user
mqm
must be less than 60,000 to avoid problems with the maintenance update process. - Linux
- RPM creates the
mqm
user ID and group ID as part of the installation procedure if they do not exist. - Solaris
- The user ID value for user
mqm
must be less than 262,143 to avoid problems with the maintenance update process.
Adding existing user IDs to the group on UNIX and Linux systems
If you want to run administration commands,
for example crtmqm (create queue manager) or
strmqm (start queue manager), your user ID must be a member
of the mqm
group. This user ID must not be longer
than 12 characters.
Users do not need mqm
group
authority to run applications that use the queue manager; it is needed
only for the administration commands.
- AIX
- You can use smit to add an existing user ID to the
mqm
group. Display the required menu using this sequence:
Type the name of the user in the User Name field and press Enter. AddSecurity & Users Users Change / Show Characteristics of a User
mqm
to the Group SET field, which is a comma-separated list of the groups to which the user belongs. Users do not need to have their primary group set tomqm
. Ifmqm
is in their set of groups, they can use the administration commands.
Log files created by IBM WebSphere MQ Telemetry service
The umask setting of the
user ID that creates a queue manager will determine the permissions
of the Telemetry log files generated for that queue manager. Even
though the ownership of the log files will be set to mqm
.