| Author |
Message
|
| RAJESHRAMAKRISHNAN |
 Posted: Thu Nov 04, 2004 10:06 pm Post subject: SID error |
 |
|
Voyager
Joined: 01 May 2004
Posts: 96
|
I am having MQSeries 5.2 installed in one box and MQSeries 5.3 client in another box. Both the boxes are in the same domain.
I created a common user mqsuer in both these boxes and tried to put a message from the client to the server. But I get the 2035(Authorization) error.When I look in to the QMGR error in the server, it gives the SID error. ie SID of the user is mquser(Of the client) is not matching with that of mquser(on the server).
I guess if I use a domain user then it will work. But this is not a correct solution as in the production it is not possible to create domain users for each and every application.
Thanks in advance for all your help. |
|
| Back to top |
|
 |
| JasonE |
| Posted: Fri Nov 05, 2004 2:57 am Post subject: |
|
|
Grand Master
Joined: 03 Nov 2003
Posts: 1220
Location: Hursley
|
The problem you have is you have 2 machines in the same domain, with the same userid name, but differing SID's - when MQ enquires on the SID they dont match, hence the message.
There is no way to avoid the AMQ8074 error message other than to use domain accounts - You dont need one per 'application' unless you choose to do it that way. |
|
| Back to top |
|
|
| RAJESHRAMAKRISHNAN |
| Posted: Fri Nov 05, 2004 3:48 am Post subject: |
|
|
Voyager
Joined: 01 May 2004
Posts: 96
|
Hi Jason,
Thanks very much
Regards
Rajesh |
|
| Back to top |
|
|
| mrlinux |
| Posted: Fri Nov 05, 2004 7:40 am Post subject: |
|
|
Grand Master
Joined: 14 Feb 2002
Posts: 1261
Location: Detroit,MI USA
|
Did you set the passwords to be the same ???
_________________
Jeff
IBM Certified Developer MQSeries
IBM Certified Specialist MQSeries
IBM Certified Solutions Expert MQSeries |
|
| Back to top |
|
|
| JasonE |
| Posted: Fri Nov 05, 2004 7:53 am Post subject: |
|
|
Grand Master
Joined: 03 Nov 2003
Posts: 1220
Location: Hursley
|
| It wont matter... passwords are irrelevant when it comes to SID checking |
|
| Back to top |
|
|
| mrlinux |
| Posted: Fri Nov 05, 2004 8:10 am Post subject: |
|
|
Grand Master
Joined: 14 Feb 2002
Posts: 1261
Location: Detroit,MI USA
|
Well I think we have the same situation here and we have matched the passwords and it works, however I could be wrong. I know we have client box's in our DMZ and they are not part of our internal domain but
they can connect to our Broker without issue.
_________________
Jeff
IBM Certified Developer MQSeries
IBM Certified Specialist MQSeries
IBM Certified Solutions Expert MQSeries |
|
| Back to top |
|
|
| JasonE |
| Posted: Fri Nov 05, 2004 8:19 am Post subject: |
|
|
Grand Master
Joined: 03 Nov 2003
Posts: 1220
Location: Hursley
|
Ah - I understand.... and possibly... you've confused me!
I'll defer this for the raiser to test and feedback 
Having the same userid/pwd works when the o/s tries to do the matching of a userid and the domains are different. In this case, we know the userid and can query the SID successfully so I suspect it wont work, but I could easily be wrong - nothing beats real experience! |
|
| Back to top |
|
|
| mrlinux |
| Posted: Fri Nov 05, 2004 8:56 am Post subject: |
|
|
Grand Master
Joined: 14 Feb 2002
Posts: 1261
Location: Detroit,MI USA
|
Well I did a quick test and here is the setup and results.
1) MQSeries server windows 2000 in test-domain
2) MQSeries Client windows 2000 in test-domain
3) Create local user account on both boxes with same password
4) On Client set MQSERVER=SYSTEM.DEF.SVRCONN/TCP/MQ4
5) Create Queue on Server AAAA
6) setmqaut -m MQ4 -t qmgr -p mqtest +all (ON SERVER)
7) setmqaut -m MQ4 -t q -n AAAA -p mqtest +all (on server
 echo refresh security | runmqsc MQ4
9) Executed amqsgetc AAAA (2033 no messages) (CLIENT)
10) Executed amqsgetc SYSTEM.DEAD.LETTER.QUEUE (2035) I didnt give
permission to this queue. (CLIENT)
So I beleive that if you have the ID/password the same you will not get the 2035.
_________________
Jeff
IBM Certified Developer MQSeries
IBM Certified Specialist MQSeries
IBM Certified Solutions Expert MQSeries |
|
| Back to top |
|
|
| JasonE |
| Posted: Mon Nov 08, 2004 2:32 am Post subject: |
|
|
Grand Master
Joined: 03 Nov 2003
Posts: 1220
Location: Hursley
|
I stand corrected... 
Thanks! |
|
| Back to top |
|
|
|
|
