ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » General IBM MQ Support » V2 MQ Client Security on NT

Post new topic  Reply to topic
 V2 MQ Client Security on NT « View previous topic :: View next topic » 
Author Message
BobLundeen
PostPosted: Tue Apr 30, 2002 7:52 am    Post subject: Reply with quote

Newbie

Joined: 29 Apr 2002
Posts: 2
Looking for help from someone experienced with MQ V5.2 Client on NT and security processing who might know how V5.2 behaves in comparison to V2. Thanks.

While troubleshooting very, very rare (once or twice a week) but very, very L-O-N-G delays (5 to 10 minutes) between starting an MQ Client app on NT (V2) and the actual MQCONN occurs, a network sniffer is showing interaction with the BDC and sometimes PDC to apparently authenticate the UserID of the currently Logged on User - or maybe to inquire what group the currently Logged on User is a member. In the meantime, thousands of successful client applicaiton executions (MQCONN, MQPUT1, MQDISC) work fine all week long.

1. Curious why the NT client application is making this contact (NT BCD or PDC authentication) before the MQCONN processing to connect to the queue manager on AIX. What's the point of checking NT security before connecting to the queue manager on AIX? (My Guess: to verify the currently logged on UserID's password has not expired since logon, or is still a valid UserID?)

2. Also, curious if this (NT BCD or PDC authentication) is the same behavoir that would be seen if V5.2 were used. Due to the (obsolete) source code language environment of the MQ Client application, simply testing the V5.2 client is not feasible, except with sample programs. But this problem is very rare and not recreatable on damand.
Back to top
View user's profile Send private message
kolban
PostPosted: Tue Apr 30, 2002 9:27 am    Post subject: Reply with quote

Grand Master

Joined: 22 May 2001
Posts: 1072
Location: Fort Worth, TX, USA
I think I have some info on part I ... I believe that the Windows SID is flowed to the queue manager from a Windows NT based client. This SID is used at the server for authorization. It may be that the SID has to be obtained/validated from the domain control.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » General IBM MQ Support » V2 MQ Client Security on NT
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.