Cannot create a Queue Manager for IBM MQ 7 - ibm-mq

I am using WebSphere 7.1. I am following the steps below:
Creating the queue manager using WebSphere MQ Explorer
Procedure:
1) Start WebSphere MQ Explorer.
2) In the Navigator view, right-click the Queue Managers folder, then click New > Queue Manager. The Create Queue Manager wizard opens.
3) In the Queue Manager name field, type QM_APPLE.
4) Click Next twice.
5) Ensure that Automatic is selected from the Select type of queue manager startup option.
6) Click Next.
7) Ensure that the Create listener configured for TCP/IP check box is selected.
8) If the Finish button is not available, type another port number in the Listen on port number field. If the current value is 1414, try using a different port number, for example: 1415 or 1416. If the default port number of 1414 is not used at this stage, make a note of the port number used because you will need it in later stages of this tutorial when QM_APPLE serves as a receiving queue manager.
9) Click Finish.
The problem is, I am stuck at Step 2. When I right-click I cannot find the "New" option to create the queue. Can anyone tell me why I am not getting it?

Do you have a WebSphere MQ Server properly installed locally?
I saw such behavior when only WebSphere MQ Explorer is installed.
In this case the only point on step 2 is to add a remote Queue Manager.

Start MQ Explorer in Administrator mode.
Go to the bin folder of the MQ installation, right-click the mqexplorer image and select "Run as administrator".

Right-click > My Computer
Select and open > Manage
Expand > Local Users and Groups
Select Users
On the right side, select the user MUSR_MQADMIN and open Properties.
Uncheck the tick box > Account is disabled.
Click Apply and OK.
Now restart your MQ.

Try to open MQ Explorer with the user with which MQ was installed. For example, it should be mqm and group mqm. Otherwise, add your user to the mqm group. Then reopen MQ and check.

You should have local admin rights to find the New option at Queue Managers.
To do this get local admin rights and follow the steps below:
Right click my computer
Select and open manage
Expand local users and groups
Select groups at left side
Right side you can see all the groups.
Double click on mqm group and add your user id.
Click apply and ok.
Now restart your MQ. You can see the New option after restarting MQ.

Related

CCDT File not created when using IBM MQExplorer

I am trying to create the Client Channel Definition Table using IBM MQ Explorer 7.5.0.2. I have found several articles here which go through the steps of creating the options using the graphical UI in MQ Explorer but when I click 'Finish' nothing is created in the qmgrs folder. i.e. I run MQ Explorer as an Administrator and I have created a Channel definition and then a new Client Connection which I can see in the list of Client Connections but when I click on OK in the dialogue with the options, nothing is created in the Qmgrs folder.
Am I missing a step somewhere?
I found the files. The problem is that all the documentation I read says that the qmgrs directory is created in the application directory for MQ (where it was installed). This is not correct. It is created in the MQ data folder which can be different. Whoever first installed our MQ environment set this to a different location. Easy when you find the problem!
Thanks to everyone for their help.

Websphere MQ Explorer (AMQ4036) error when trying to access to MQ running in docker (ibmcom/mq)

I'm running a Queue Manager on docker using the latest ibmcom/mq image, but I have an access denied when I try to connect to it from my windows using MQ Explorer.
I've disabled CHLAUTH in MQSC (runmqsc) using the command:
ALTER QMGR CHLAUTH(DISABLED)
I've disabled CONNAUTH using the commands:
ALTER QMGR CONNAUTH(' ')
REFRESH SECURITY TYPE(CONNAUTH)
I've removed the default CHLAUTH rules of the image
SET CHLAUTH(SYSTEM.ADMIN.SVRCONN) TYPE(ADDRESSMAP) ADDRESS(*) ACTION(REMOVE)
SET CHLAUTH(SYSTEM.*) TYPE(ADDRESSMAP) ADDRESS(*) ACTION(REMOVE)
SET CHLAUTH(*) TYPE(BLOCKUSER) USERLIST(*MQADMIN) ACTION(REMOVE)
I've set a Listener and a channel, and added a queue to them
DEFINE LISTENER(LISTENER.TCP) TRPTYPE(TCP) PORT(30002) CONTROL(QMGR) REPLACE
START LISTENER(LISTENER.TCP)
DEFINE CHANNEL(SYSTEM.DEF.SVRCONN) CHLTYPE(SVRCONN) TRPTYPE(TCP) REPLACE
DEFINE QLOCAL('MyQueue') REPLACE
When I try to connect to the Channel SYSTEM.DEF.SVRCONN from windows using MQ Explorer, I'm getting the error (AMQ4036). The error in /var/mqm/qmgrs/MyQueueManager/errors/AMQERR01.LOG into the docker container is:
----- cmqxrsrv.c : 2552 -------------------------------------------------------
02/06/20 10:18:13 - Process(1658.19) User(mqm) Program(amqrmppa)
Host(5652aa2322eb) Installation(Installation1)
VRMF(9.1.4.0) QMgr(MyQueueManager)
Time(2020-02-06T10:18:13.718Z)
ArithInsert1(2) ArithInsert2(2035)
CommentInsert1(myWindowsId)
AMQ9557E: Queue Manager User ID initialization failed for 'myWindowsId'.
EXPLANATION:
The call to initialize the User ID 'myWindowsId' failed with CompCode 2 and Reason
2035. If an MQCSP block was used, the User ID in the MQCSP block was ''. If a
userID flow was used, the User ID in the UID header was '' and any CHLAUTH
rules applied prior to user adoption were evaluated case-sensitively against
this value.
ACTION:
Correct the error and try again.
I want to use the queue manager for local development. Do you have any idea how to disable the security for my Windows user id so that I can connect with MQ Explorer and the WebLogic application server?
I am wondering why you need to disable security. If you have explorer running then the next step will be to add your queue manager in explorer. From the tutorial -
https://developer.ibm.com/tutorials/mq-macos-dev/
(I know it's for Mac, but the principle is the same for Windows).
This will be:
Right click on ‘Queue managers’ in the MQ Explorer Navigator box, then ‘Add remote queue manager’. A pop up appears.
Add your queue manager name – if Docker – QM1, then click Next.
Add Host name or IP Address – if Docker – localhost.
Add Server connection channel – if Docker – DEV.ADMIN.SVRCONN, then click ‘Next’ twice
Tick ‘Enable user identification’, if Docker – default is admin. Leave ‘Prompt for password’ selected.
Click Finish, then add password for user – if Docker – passw0rd. Your queue manager should appear.
If you truly want to disable security and don't care anything about access to this queue manager, just do the following (in addition to all the turning off of security settings you have already done).
ALTER CHANNEL(SYSTEM.DEF.SVRCONN) CHLTYPE(SVRCONN) MCAUSER('user-id-in-mqm-group-on-docker')
The problem is that your 'myWindowsId' is not defined to the OS in your docker container. The above command asserts the user id specified in the MCAUSER field, and will ignore the user id flowed by the channel from your Windows box.
I would however, encourage you to try the earlier answer, and learn how to do enough in security to let yourself in rather than turning it all off.
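A defender-side check for the settings discussed in this thread, as an added example that is not part of any post above: it scans an MQSC script for statements that switch off channel or connection authentication, remove CHLAUTH rules, or run a channel under an administrative ID, so a development configuration like this one is caught before it is reused elsewhere. The names `audit`, `attr` and `ADMIN_IDS` are hypothetical, `mqm` is substituted for the answer's MCAUSER placeholder, and one statement per line is assumed.

```python
import re

ADMIN_IDS = {"mqm", "musr_mqadmin"}  # assumption: IDs treated as MQ administrators

# Statements quoted on this page; 'mqm' stands in for the MCAUSER placeholder.
SAMPLE_MQSC = """\
ALTER QMGR CHLAUTH(DISABLED)
ALTER QMGR CONNAUTH(' ')
REFRESH SECURITY TYPE(CONNAUTH)
SET CHLAUTH(SYSTEM.*) TYPE(ADDRESSMAP) ADDRESS(*) ACTION(REMOVE)
SET CHLAUTH(*) TYPE(BLOCKUSER) USERLIST(*MQADMIN) ACTION(REMOVE)
DEFINE CHANNEL(SYSTEM.DEF.SVRCONN) CHLTYPE(SVRCONN) TRPTYPE(TCP) REPLACE
ALTER CHANNEL(SYSTEM.DEF.SVRCONN) CHLTYPE(SVRCONN) MCAUSER('mqm')
"""

def attr(stmt, name):
    """Return the value inside NAME(...), quotes and blanks stripped, or None."""
    m = re.search(rf"\b{name}\(\s*('[^']*'|[^)]*)\)", stmt, re.IGNORECASE)
    return m.group(1).strip().strip("'").strip() if m else None

def audit(script):
    """Return (line_no, finding) for statements that weaken channel security.

    Assumes one MQSC statement per line (no '+'/'-' continuations).
    """
    findings = []
    for no, line in enumerate(script.splitlines(), 1):
        stmt = line.strip()
        if not stmt or stmt.startswith("*"):  # blank line or MQSC comment
            continue
        if re.match(r"ALTER\s+QMGR\b", stmt, re.IGNORECASE):
            if (attr(stmt, "CHLAUTH") or "").upper() == "DISABLED":
                findings.append((no, "CHLAUTH rules disabled"))
            if attr(stmt, "CONNAUTH") == "":
                findings.append((no, "CONNAUTH removed"))
        elif re.match(r"SET\s+CHLAUTH\b", stmt, re.IGNORECASE):
            if (attr(stmt, "ACTION") or "").upper() == "REMOVE":
                kind = (attr(stmt, "TYPE") or "?").upper()
                findings.append((no, f"{kind} rule removed on {attr(stmt, 'CHLAUTH')}"))
        user = attr(stmt, "MCAUSER")
        if user and user.lower() in ADMIN_IDS:
            findings.append((no, f"channel runs as admin ID {user}"))
    return findings

if __name__ == "__main__":
    for no, finding in audit(SAMPLE_MQSC):
        print(f"line {no}: {finding}")
```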

An unexpected error (2063) occurs when I connect to my queue manager

I'm looking to setup a Queue Manager Using WebSphere MQ V7 MQ Explorer.
After Creating my Queue Manager, normally I expect that some sub directories are automatically generated under it, "Queues", "Topics", "Channels" .. as illustrated in the photo below.
In my case, no sub directories are generated, as illustrated below in the second snapshot.
PS: the status of my Queue manager is : Running but disconnected from WebSphere MQ Explorer.
When I right-click on the QMgr Name and choose Connect, I get "An unexpected error (2063) has occurred (AMQ4999)"
Could you please advise on a possible cause of this behavior?
Administrative tools -> Local Security Policy -> Local Policies -> User Rights Assignment -> Log on as a service -> Properties -> add your user here
Same problem with MQ v9 and I solved it this way.
Go to control panel – Administrative tools
Control Panel\All Control Panel Items\Administrative Tools
Local
Inside Local Security Policy
Enter your domain user name then click check names – finalize by clicking ok. Then apply.
Now the domain user can log on as a service – Now open the services running on your machine.
Double click on the MQ service – then go on log on tab
Then click Apply and the OK button – then restart your machine for the changes to take effect
Finally open WebSphere MQ Explorer as admin - queue manager should be able to connect
Same issue with MQ 9.0 installed on Windows 10 EE.
(Run as Administrator) secpol.msc /s
(open) Local Policies > User Rights Assignment > Log on as a service
then add your User. Same user should be used for "IBM MQ (Installation1)" (Properties> Log On), installation default (when you do not setup the Domain Policy during installation) is MUSR_MQADMIN.
(Maybe you can try to run "MQ Explorer" as MUSR_MQADMIN user, but its password is automatically generated during the installation. It's possible to change it, but it doesn't seem to be a safer against the using local account to run the MQ service)

Can I change MQ Object Authority when it stopped

I have some stopped QMGRs. When I try to start them or delete them from MQ Explorer, I encounter this error:
AMQ7077: You are not authorized to perform the requested operation.
exitvalue=119
How can I change or remove the restrictions on this object?
You can start or delete a queue manager via the MQ Explorer too, so long as the queue manager and MQ Explorer are running on the same machine/installation. You must ensure that the MQ Explorer is running under an mqm user ID, just as you needed to do to run the strmqm or dltmqm commands.
I figured out that I can do this with the command STRMQM 'qmName' or DLTMQM 'qmName' as an alternative to using MQ Explorer.

Websphere MQ Managed File Transfer Agents

I’m new to MQ. I have successfully installed WebSphere MQ, set up the queue managers, queues and channels between the queue managers. I have set up agents and I can start, stop and successfully ping the agents but the agents are not listed as shown on the attached screen shot. I have been trying to make the agents work so that I can test file transfer and set it up in our environment.
I even tried to create new coordination and command queue managers and no luck. I even tried the fteListAgents -p (coordination queue manager) and -v
I will really appreciate all the help I can get.
What is the user id you are logged into the machine as? Is it Administrator (on Windows)? If so you may be hitting the 12 character user id issue. Administrator is 13 characters long and the 'r' at the end may be getting chopped off. I recommend you to look at this troubleshooting link.
If your Windows user id is longer than 12 characters, check this out:
1) Agents are started, but MQ Explorer agent list is empty?
2) Check under Queuemanager->YOURQM->Subscriptions -> User. Do you see your Windows user name truncated to 12 characters?
3) Create a new Windows user, with the user name as the 12-character truncated user.
4) Add this 12-character username to the Admin group.
MQ FTE used the queued PubSub mechanism. Usually this problem happens because the ID being used doesn't have access to publish. The procedure to diagnose this is as follows:
Download the MS0P SupportPac and install it into WMQ Explorer.
Enable authorization events on the Coordination Qmgr.
Stop and restart an agent or two.
Open MQ Explorer to the queues panel and find the SYSTEM.ADMIN.QMGR.EVENT queue.
Right click on the queue and select "Format Event Messages."
You should find some auths errors.
If the problem is authorization failures MS0P will tell you exactly which ID MQ thinks was used, the API call that failed and the object it failed on.
