| Author |
Message
|
| David.Partridge |
 Posted: Tue Aug 12, 2008 2:03 am Post subject: MQRC 2035 on client connection |
 |
|
Master
Joined: 28 Jun 2001
Posts: 249
|
OK I thought I knew this stuff, but now I'm not so sure.
Windows machine, userid partrid connecting to unsecured SYSTEM.DEF.SVRCONN channel on AIX QM using rfhutilc.
Userid partrid on AIX is member of mqm group.
Server is MQ 6.0.2.1
Getting 2035 on the MQCONN.
Here's the TSH from the MQ trace
10:23:36.410270 327882.59625 Receiving 464 bytes
10:23:36.410270 327882.59625 0x0000: 54534820 000000a0 02080100 00000000 |TSH ... ........|
10:23:36.410270 327882.59625 0x0010: 00000000 11010000 52030000 55494420 |........R...UID |
10:23:36.410270 327882.59625 0x0020: 50415254 52494420 20202020 20202020 |PARTRID |
10:23:36.410270 327882.59625 0x0030: 20202020 20202020 70617274 72696420 | partrid |
10:23:36.410270 327882.59625 0x0040: 20202020 20202020 20202020 20202020 | |
10:23:36.410270 327882.59625 0x0050: 20202020 20202020 20202020 20202020 | |
10:23:36.410270 327882.59625 0x0060: 20202020 20202020 20202020 20202020 | |
10:23:36.410270 327882.59625 0x0070: 20202020 20202020 1d010105 00000000 | ........|
10:23:36.410270 327882.59625 0x0080: 00051500 00005766 e2624b2c bc1a828b |......Wf.bK,....|
10:23:36.410270 327882.59625 0x0090: a6280604 00000000 00000000 00000000 |.(..............|
10:23:36.410270 327882.59625 0x00a0: 54534820 00000130 02813000 00000000 |TSH ...0..0.....|
10:23:36.410270 327882.59625 0x00b0: 00000000 11010000 52030000 00000130 |........R......0|
10:23:36.410270 327882.59625 0x00c0: 00000000 00000000 00000000 20202020 |............ |
10:23:36.410270 327882.59625 0x00d0: 20202020 20202020 20202020 20202020 | |
10:23:36.410270 327882.59625 0x00e0: 20202020 20202020 20202020 20202020 | |
10:23:36.410270 327882.59625 0x00f0: 20202020 20202020 20202020 433a5c69 | C:\i|
10:23:36.410270 327882.59625 0x0100: 6830335c 72666875 74696c63 2e657865 |h03\rfhutilc.exe|
10:23:36.410270 327882.59625 0x0110: 00000000 00000000 0b000000 16010515 |........ .......|
10:23:36.410270 327882.59625 0x0120: 00000057 66e2624b 2cbc1a82 8ba62806 |...Wf.bK,.....(.|
10:23:36.410270 327882.59625 0x0130: 04000000 00000000 0000000b 03000000 |........... ....|
10:23:36.410270 327882.59625 0x0140: 00000000 46434e4f 01000000 00000000 |....FCNO........|
10:23:36.410270 327882.59625 0x0150: 00000000 00000000 00000000 00000000 |................|
10:23:36.410270 327882.59625 0x0160: 00000000 00000000 00000000 00000000 |................|
10:23:36.410270 327882.59625 0x0170: 00000000 00000000 00000000 00000000 |................|
10:23:36.410270 327882.59625 0x0180: 00000000 00000000 00000000 00000000 |................|
10:23:36.410270 327882.59625 0x0190: 00000000 00000000 00000000 00000000 |................|
10:23:36.410270 327882.59625 0x01a0: 00000000 00000000 00000000 00000000 |................|
10:23:36.410270 327882.59625 0x01b0: 00000000 00000000 00000000 00000000 |................|
10:23:36.410270 327882.59625 0x01c0: 00000000 00000000 00000000 00000000 |................|
I see that the userid from Windows is there twice in the TSH, once in UPPER CASE as the string UID PARTRID and once in lower case as part of the parameters for the MQCONN.
Can someone put me out of my misery here? Paul Clarke are you there?
_________________
Cheers,
David C. Partridge |
|
| Back to top |
|
 |
| zpat |
| Posted: Tue Aug 12, 2008 2:39 am Post subject: |
|
|
Jedi Council
Joined: 19 May 2001
Posts: 5866
Location: UK
|
What fix level is the client?
There were some PTFs about case handling for client userids in V6 |
|
| Back to top |
|
|
| sami.stormrage |
| Posted: Tue Aug 12, 2008 6:36 am Post subject: |
|
|
Disciple
Joined: 25 Jun 2008
Posts: 186
Location: Bangalore/Singapore
|
could be a problem, using trusted bindings mode.. have you tried recycling the connected application(which was connected prior to connecting RFHUtil) Or have u recycled ur Qmgr to release the threads (or may be as simple as removing a channel from the cluster and re-clustering).
If this kinda works, then you should report this problem to IBM, so that bla bla bla... .... u know what to do..
_________________
*forgetting everything  * |
|
| Back to top |
|
|
| PeterPotkay |
| Posted: Tue Aug 12, 2008 4:02 pm Post subject: |
|
|
Poobah
Joined: 15 May 2001
Posts: 7722
|
Dave,
Turn on Authority Events at the QM level and see what that tells you. The upper / lower case in the the header could be a red herring.
If the channel is unsecured, why not just hard code the correct ID as AIX needs it in the MCAUSER field of the channel. If you are leaving the MCAUSER blank and the channel is unsecure, you might as well hard code 'mqm' in the MCAUSER.
_________________
Peter Potkay
Keep Calm and MQ On |
|
| Back to top |
|
|
| David.Partridge |
| Posted: Tue Aug 12, 2008 11:19 pm Post subject: |
|
|
Master
Joined: 28 Jun 2001
Posts: 249
|
The client is at fix level 6.0.2.4
I have got authority events turned on but currently Patrol is consuming them and I can't see how to get it to divulge the information from the event messages it has eaten.
Yes, it's currently not secured (at least its a test system), and I have a plan to put SSL on there, but the vendor application that uses it doesn't currently support configuration with SSL
_________________
Cheers,
David C. Partridge |
|
| Back to top |
|
|
| David.Partridge |
| Posted: Wed Aug 13, 2008 1:06 am Post subject: |
|
|
Master
Joined: 28 Jun 2001
Posts: 249
|
I turned off Patrol for a bit, and captured the authority event message.
A colleague had changed the channel the client was using and set MCAUSER on SYSTEM.DEF.SVRCONN to "nobody".
Hence the 2035.
Lesson - don't assume things are how you left them!
_________________
Cheers,
David C. Partridge |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Wed Aug 13, 2008 4:09 am Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
| David.Partridge wrote: |
I turned off Patrol for a bit, and captured the authority event message.
A colleague had changed the channel the client was using and set MCAUSER on SYSTEM.DEF.SVRCONN to "nobody".
Hence the 2035.
Lesson - don't assume things are how you left them! |
I believe it 's called securing the default channels...
You should have known better and used a SVRCONN specially created for your app! 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| David.Partridge |
| Posted: Wed Aug 13, 2008 5:51 am Post subject: |
|
|
Master
Joined: 28 Jun 2001
Posts: 249
|
Me?I didn't set this up I inherited it! I'd have done that and insisted on SSL from day 1 at the planning stage if I'd had my "druthers".
_________________
Cheers,
David C. Partridge |
|
| Back to top |
|
|
|
|
