| Author |
Message
|
| Pavan Kumar PNV |
 Posted: Fri Jul 16, 2010 1:00 pm Post subject: Change NT security domain for a broker |
 |
|
Acolyte
Joined: 03 Feb 2007
Posts: 66
|
Can I get some help on how to change the NT security domain that a broker initializes to on v7?
I have create a broker on a windows 2008 server and the broker got initialized to the local machine security domain despite of being a part of an enterprise domain.
_________________
_____________
Pavan Pendyala
http://pavanz.blogspot.com |
|
| Back to top |
|
 |
| lancelotlinc |
| Posted: Fri Jul 16, 2010 1:14 pm Post subject: |
|
|
Jedi Knight
Joined: 22 Mar 2010
Posts: 4941
Location: Bloomington, IL USA
|
|
| Back to top |
|
|
| Pavan Kumar PNV |
| Posted: Fri Jul 16, 2010 1:27 pm Post subject: Windows 2008 and Message Broker V7 |
|
|
Acolyte
Joined: 03 Feb 2007
Posts: 66
|
The reference was towards a V6 and on Windows in general/ earlier versions.
I was an admin on the machine and a domain user when I created the V7 broker. It would adjust on all other versions of windows to be at the domain level, but not on Windows 2008. Any ideas?
_________________
_____________
Pavan Pendyala
http://pavanz.blogspot.com |
|
| Back to top |
|
|
| mqjeff |
| Posted: Sun Jul 18, 2010 11:08 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
|
| Back to top |
|
|
| Pavan Kumar PNV |
| Posted: Mon Jul 19, 2010 11:11 am Post subject: |
|
|
Acolyte
Joined: 03 Feb 2007
Posts: 66
|
The user that I logged in with the service user id is directly a part of the domain LAWSONDEV . The complete host name is CASFTDC-ESB02.lawsondev.abc.com
The same set-up was working on other machines which are on Windows XP. There is an issue only when run on Windows 2008.
I see this as an issue because:
1. From the event log:
( sqlbrk ) Successfully initialized interface to the NT security domain, 'CASFTDC-ESB02'. A component of WebSphere Message Broker has successfully initialized the NT security domain.
2. User exception when trying to integrate with LDAP. It appears that broker is trying to access as user: 'LAWSONDEV\CASFTDC-ESB02$'
_________________
_____________
Pavan Pendyala
http://pavanz.blogspot.com |
|
| Back to top |
|
|
| mqjeff |
| Posted: Mon Jul 19, 2010 11:21 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
I need to be specific here.
The Broker on windows will run as a specific user id. This user id has nothing to do with the user id you logged in as to run any commands, including mqsicreatebroker.
This is configured by specifying the -i and -a parameters on mqsicreatebroker. It can also be adjusted in the Windows Services - with some limitations and very carefully.
The user specified as the -i parameter on mqsicreatebroker is the broker service user. Did you include the name of the domain when you specified that user? Maybe you did all that, and I'm just having trouble reading your response.
It sounds like the service user is defaulted to being the Local Machine, rather than the actual user you meant it to be. |
|
| Back to top |
|
|
| Pavan Kumar PNV |
| Posted: Wed Aug 18, 2010 4:02 pm Post subject: |
|
|
Acolyte
Joined: 03 Feb 2007
Posts: 66
|
It ended up being an OS issue. Once that was fixed everything was OK!
_________________
_____________
Pavan Pendyala
http://pavanz.blogspot.com |
|
| Back to top |
|
|
|
|
