MQSeries.net :: View topic - Permissions issue in Multiinstance QMGR in Win-Environment

ashokt · Posted: Sun Feb 26, 2023 9:00 am Post subject:

Dear team,

I am facing Permissions related issue , in the production new servers in windows -2019 , We've done the setup of MSCS and created Multi-instance QMGR in node1. and also applied required permissions for QMGRS by using CMD mode then verified and looks fine as expected .

When we did the failover from failover manger , nodes has been switched and running the QMGRS as expected in Node2 from Node1 . then verified all QMGR objects it looks fine except permissions.

I've applied the permissions in Group level , where we've added service accounts only not local users.

For exp: QMGRS --A ,B ,C ,D

Groups --V ,X ,Y ,Z (different service accounts added in this groups)

In node 1 I've applied permissions V-A , X-C ,Y-C ,Z-D.

When we switched the node1 to node2 permissions were applied differently.

like V-A,B,Z
X-A,B
Y-C
Z-D

when i switch back from node2 to node1 some of the groups permissions not added (removed) to the above QMGR .

could you please advise why this kind of behavior happening

Even when i manually applied permissions in Node2 and After switching permissions were removed /added extra.

Node: MQ service running service account, which is under the domain.

No local users were created . Service accounts only added into the groups and connected QMGR (setmqaut -m A -t qmgr +connect +dsp +ctrl)

Please advise.

Regards,
Ashok.