The following table shows the list of commands, and the authorizations
you must set up before users can to run them.
Command |
Authorization |
Queue |
mqsichangeresourcestats |
Read
|
SYSTEM.BROKER.AUTH
|
Execute
|
SYSTEM.BROKER.AUTH.EG1
|
mqsicreateexecutiongroup |
Read and write
|
SYSTEM.BROKER.AUTH
|
mqsideleteexecutiongroup |
Read and write
|
SYSTEM.BROKER.AUTH
|
mqsideploy |
Read
|
SYSTEM.BROKER.AUTH
|
Write
|
SYSTEM.BROKER.AUTH.EG
|
mqsilist |
Read
|
SYSTEM.BROKER.AUTH
|
Read
|
SYSTEM.BROKER.AUTH.**2
|
mqsimode |
Read (to display) or read and write (to change)
|
SYSTEM.BROKER.AUTH
|
mqsireloadsecurity |
Read
|
SYSTEM.BROKER.AUTH
|
Write
|
SYSTEM.BROKER.AUTH.**3
|
mqsireportresourcestats |
Read
|
SYSTEM.BROKER.AUTH
|
Read
|
SYSTEM.BROKER.AUTH.EG4
|
mqsistartmsgflow5 |
Read
|
SYSTEM.BROKER.AUTH
|
Execute
|
SYSTEM.BROKER.AUTH.EG
|
mqsistopmsgflow5 |
Read
|
SYSTEM.BROKER.AUTH
|
Execute
|
SYSTEM.BROKER.AUTH.EG
|
mqsiwebuseradmin |
Write
|
SYSTEM.BROKER.AUTH
|
Notes: - If you are changing resource statistics collection for all integration servers on the broker,
you must have execute authority for all integration servers.
- You must have read authority for every broker and every integration server for which you are
requesting information. If you request details about a resource for which
you do not have authority, message BIP1185S is returned to
identify each resource with inappropriate authority:The command completes
the request and returns results for all the resources for which authority is
correct.
- Where SYSTEM.BROKER.AUTH.** is specified, the user ID running the command
must have authority for all integration servers. You can set up this level
of authority by either creating a generic profile for all integration
servers, or a specific profile for every integration server.
- If you are reporting resource statistics collection for all integration servers on the broker,
you must have read authority for all integration servers.
- Exact requirements for this command depend on the combination
of parameters that you specify on the command; for details, see the
authorization section in mqsistartmsgflow command and mqsistopmsgflow command.
- In the queue name SYSTEM.BROKER.AUTH.EG, the EG refers to the name of your
integration server.
Only
the commands that are listed in this table are subject to broker administration
security.
Note: The authorizations
that are listed in this table are in addition to the authorizations
required to run the command on specific platforms. Refer to the following
topics for information about platform-specific authorizations: