IBM Integration Bus, Version 9.0.0.8 Operating Systems: AIX, HP-Itanium, Linux, Solaris, Windows, z/OS

See information about the latest product version

mqsiwebuseradmin command - Windows, Linux, and UNIX systems

Use the mqsiwebuseradmin command to administer user accounts for the web user interface on Linux, UNIX, or Windows systems.

Syntax

Read syntax diagramSkip visual syntax diagram
>>-mqsiwebuseradmin--| brokerSpec |--+- -l +-------------------->
                                     +- -c +   
                                     +- -m +   
                                     '- -d '   

>--+---------------+--+---------------+--+-----------+---------->
   '- -u -username-'  '- -a -password-'  '- -r -role-'   

>--+-------------------+--+-----------------------+------------><
   '- -w --timeoutSecs-'  '- -v -- traceFileName -'   

brokerSpec

|--+- brokerName ----------------+------------------------------|
   +- -n --brokerFileName--------+   
   | .-------------------------. |   
   | V                         | |   
   '-----+- -i --ipAddress-+---+-'   
         +- -p --port------+         
         '- -q --qMgr------'         

Parameters

brokerSpec
(Required) You must specify at least one parameter to identify the target broker for this command, in one of the following forms:
brokerName
This parameter identifies the name of a locally defined broker. You cannot use this option if the broker is on a remote computer.
-n brokerFileName
This parameter identifies the name of a file that contains the connection details for a local or remote broker.

Use this option if multiple users want to connect to the same broker, or if you are using advanced connection parameters such as SSL.

To create this file, right-click the broker in the IBM® Integration Explorer and select Export *.broker file. When prompted, navigate to the location in which you want to save the file and enter the file name; the extension .broker is appended automatically when you click Save. Include the location (path) and file name when you specify this parameter. You must ensure that the location is accessible when you run this command.

If you want to run a command that uses SSL to administer a remote broker over a secured channel, you must specify the keystore and truststore password for the connection using the IBM_JAVA_OPTIONS environment variable. See Resolving problems when running commands for further information.

-i ipAddress, -p port, -q qMgr
These parameters identify the connection details for the broker.

Use this option for connections to remote brokers that do not require advanced connection parameters.

If you choose this option, you must specify at least one of these three parameters; the order in which you specify them is insignificant. You cannot specify each parameter more than once.

Parameters that you omit assume default values:

  • -i ipAddress: The host name or the IP address of the computer on which the broker is running. If you do not specify this parameter, a value that represents the local computer is used.
  • -p port: The TCP port on which the broker's queue manager is listening. If you do not specify this parameter, the value 1414 is used.
  • -q qMgr: The name of the broker's queue manager. If you do not specify this parameter, a value that represents the default queue manager on the local computer is used.
-l
(Optional) Lists the web users that are defined within the broker, and the roles with which they are associated.  If -u (user) or -r (role) is supplied, the list is filtered by that user or role.
-c
(Optional) Creates a web user account, which can log on to the web user interface and make REST API calls. If you use this parameter, you must also specify the -u and -a parameters. If you do not specify the -r parameter when you create a web user account, a default role is created with the same name as the web user account. In this case, the web user account that you create must have the same name as the system user account that has been specified on the system.
-m
(Optional) Modifies a web user account. If you use this parameter, you must use the -u parameter to specify the user account, and you must also specify a value for at least one of the -a and -r parameters, dependent upon which parameter you are modifying.
-d
(Optional) Deletes a web user account. If you use this option, you must also use the -u parameter to specify the user account.
-u username
(Optional) Specifies the name of a web user account. This parameter is required if you specify the -c, -d, or -m parameters.
-a password
(Optional) Specifies a web user account password. This parameter is required if you specify the -c parameter.
-r role
(Optional) Specifies a role to be associated with the web user account. If you are using queue-based authorization, the role is the system user account whose administration security permissions are checked. Each web user account is associated with a single role, and multiple web user accounts can be assigned to the same role.

If you do not specify the -r parameter when you create a web user account (by specifying the -c parameter), a default role is created with the same name as the web user account. If you are using queue-based authorization, the web user account that you create must have the same name as the system user account that has been specified on the system.

For more information about roles, see Role-based security.

-v traceFileName
(Optional) This parameter sends internal debug trace information to the specified file.
-w timeoutSecs
(Optional) This parameter specifies the maximum time in seconds that the command waits for the broker to complete the request before returning.

You can set this parameter to a value in the range 1 - 2 145 336 164. If you do not provide a timeoutValue value, or you set a value less than 1 or greater than 2 145 336 164 is specified, an error is returned.

Set this parameter to a value greater than the sum of the configuration timeout parameters ConfigurationChangeTimeout and InternalConfigurationTimeout that you specified for the broker, if you want to ensure that a response is received within the timeoutValue period. If you set a smaller value, the response returned might indicate that the state of the deploy request is unknown.

Examples

Create a web user account and password and specify the associated role (system user account):
mqsiwebuseradmin IB9NODE -c -u webuser1 -r admin -a passw0rd

In the preceding example, the value admin corresponds to a system account.

Change the password for webuser1:
mqsiwebuseradmin IB9NODE -m -u webuser1 -a n3wpass
Delete the web user account for webuser1:
mqsiwebuseradmin IB9NODE -d -u webuser1
Related concepts:
Role-based security
Administration security
Related tasks:
Administering brokers using the web user interface
Managing web user accounts
Related reference:
Syntax diagrams
mqsiwebuseradmin command
mqsiwebuseradmin command - z/OS
bn28491_.htm | Last updated Friday, 21 July 2017