Setting up the user and group on UNIX and Linux systems

Using Active Directory on Linux systems

If you are using Active Directory to provide centralized user and group definitions to your Linux system, it is not possible to have both an mqm user and mqm group definition in Active Directory because that service does not permit users and groups to have the same name.

Creating the user ID and group on UNIX and Linux systems

Set the primary group of the mqm user to the group mqm.

If you are installing IBM WebSphere MQ on multiple systems you might want to ensure each UID and GID of mqm has the same value on all systems. If you are planning to configure multi-instance queue managers, it is essential the UID and GID are the same from system to system. It is also important to have the same UID and GID values in virtualization scenarios.

AIX

You can use the System Management Interface Tool ( smit), for which you require root authority.

1. To create the mqm group, display the required window using this sequence:

     Security & Users
       Groups
         Add a Group

   Set the group name field to mqm.
2. To create the user mqm, display the required window using this sequence:

     Security & Users
       Users
         Add a User

   Set the user name field to mqm .
3. To add a password to the new user ID, display the required window using this sequence:

     Security & Users
        Passwords
         Change a User's Password

   Set the password as required.

HP-UX

The user ID value for user mqm must be less than 60,000 to avoid problems with the maintenance update process.

You can use the System Management Homepage (SMH), or the groupadd and useradd commands to work with user IDs.

Linux

RPM creates the mqm user ID and group ID as part of the installation procedure if they do not exist.

If you have special requirements for these IDs ( for example they need to have the same values as other machines you are using, or your users and group ID are centrally managed) you should create the IDs before running the installation procedure, using the groupadd and useradd commands to set the UID and GID the same on each machine.

Note: The only IBM WebSphere MQ requirement, is that the mqm user should have the mqm group as its primary group.

Solaris

The user ID value for user mqm must be less than 262,143 to avoid problems with the maintenance update process.

Create the IDs using the groupadd and useradd commands to set the UID and GID the same on each machine.

Adding existing user IDs to the group on UNIX and Linux systems

If you want to run administration commands, for example crtmqm (create queue manager) or strmqm (start queue manager), your user ID must be a member of the mqm group. This user ID must not be longer than 12 characters.

Users do not need mqm group authority to run applications that use the queue manager; it is needed only for the administration commands.

AIX

You can use smit to add an existing user ID to the mqm group. Display the required menu using this sequence:

  Security & Users
    Users
      Change / Show Characteristics of a User

Type the name of the user in the User Name field and press Enter. Add mqm to the Group SET field, which is a comma-separated list of the groups to which the user belongs. Users do not need to have their primary group set to mqm. If mqm is in their set of groups, they can use the administration commands.

Log files created by IBM WebSphere MQ Telemetry service

The umask setting of the user ID that creates a queue manager will determine the permissions of the Telemetry log files generated for that queue manager. Even though the ownership of the log files will be set to mqm .