Use the mqsireportfileauth command to view the
file-based or LDAP administration security permissions that are in effect for the specified
integration node.
Before you begin
Read the following topics:
About this task
You can display the file-based or LDAP administration security permissions for the specified
integration node by using the mqsireportfileauth command.
Three
levels of authorization are supported for
IBM® Integration Bus administration security: read,
write, and execute. These permissions can be applied to the following
types of objects for each role (system user):
- Integration node resources
- Integration server resources
- Data capture objects (record-replay)
Procedure
- Ensure that the user running the command is a member of
the group mqbrkrs.
- Use the mqsireportfileauth command
to display the administration security permissions that have been
set for a specified role on the integration node.
For
example, display the permissions that are currently in effect for
the role
iibAdmins
on the integration node
IB10NODE
:
mqsireportfileauth IB10NODE -r iibAdmins
The output from the command has a format similar
to that shown in the following example:
BIP8931I: Role = 'iibAdmins', Resource = '', Permissions = 'read+,write+,execute+'
- You can also use the mqsireportfileauth command
to display all the administration security permissions that have been
set for all roles on the integration node. Roles are reported only
if they have positive permissions set; any roles that have no permissions
set are not reported in the output of this command.
For
example, display all roles for which permissions have been set on
the integration node
IB10NODE
:
mqsireportfileauth IB10NODE -l
The output from the command has a format similar
to that shown in the following example:
BIP8931I: Role = 'iibAdmins' Resource = '' Permissions = 'read+,write+,execute+'
BIP8931I: Role = 'iibGuests' Resource = '' Permissions = 'read+,write-,execute-'
You can also display roles for which permissions have
been set on a specified integration server in the integration node;
for example:
mqsireportfileauth IB10NODE -e is01 -l
The
output from the command has a format similar to that shown in the
following example:
BIP8931I: Role = 'iibAdmins', Resource = 'is01', Permissions = 'read+,write+,execute+'
BIP8931I: Role = 'iibGuests', Resource = 'is01', Permissions = 'read+,write-,execute-'