MQSeries.net :: View topic

halbster · Posted: Tue Jul 11, 2006 2:29 am Post subject:

Hi,

We are running WMB v6 with DB2 on AIX 5.3. We have an issue caused by the Broker UserId Password expiring at the OS level.

When the OS password expires, and is changed, the password must also be updated in the Broker (using mqsichangebroker -p)

The obvious answer here is to set the OS password to never expire.

I have also been looking at the option of specifying a blank password in the mqsichangebroker command. I assume this would allow the broker to connect to DB2 with its OS UserID/Password. According to the manual, this should work, however I have had no success.

The mqsichangebroker command has the following -p options:
-p DataSourcePassword
(Optional -Windows, Linux, and UNIX systems) The password of the user ID with which the databases containing broker tables and user data are to be accessed.
For DB2 on Linux and UNIX systems, -p can be specified as an empty string (two double quotation marks, ""). In this case, DB2 grants WebSphere Business Integration Event Broker the privileges of the ServiceUserID which results in a database connection as "already verified". If you specify an empty string for -a and -p, no passwords are stored by WebSphere Business Integration Event Broker, creating the most secure configuration.
You must ensure that you change all instances of the use of this password. If you have created (or changed) the broker to use the same user ID and password for its service user ID as well as its database access, you must update both instances at the same time. See the description of the -a parameter for further details.

I tried setting both the -a and -p flags to "" however the Broker still could not connect to DB2, and clearly states "Password Missing".

For your information I get the following errors reported in syslog:

Jul 7 16:19:11 hostnameXXX user:info WebSphere Broker v6000[1802386]: (BrokernameXXX)
[1]BIP2001I: The WebSphere Message Brokers service has started at version 6000;
process ID 1700088. : BrokernameXXX.service: /build/S000_P/src/AdminAgent/ControlProce
ss/rios_aix_4/ImbControlService.cpp: 338: ImbControlService::StartNewAA: :
Jul 7 16:19:11 hostnameXXX user:err|error WebSphere Broker v6000[1700088]: (BRS
YD87)[1]BIP2048E: An Exception was caught while issuing database SQL command con
nect. : BrokernameXXX.agent: /build/S000_P/src/AdminAgent/ImbAdminStore.cpp: 304: ImbA
dminStore::Connect: :
Jul 7 16:19:11 hostnameXXX user:err|error WebSphere Broker v6000[1700088]: (BRS
YD87)[1]BIP2321E: Database error: ODBC return code '-1'. : BrokernameXXX.agent: /build
/S000_P/src/DataFlowEngine/ImbOdbc.cpp: 232: ImbOdbcHandle::checkRcInner: :
Jul 7 16:19:11 hostnameXXX user:err|error WebSphere Broker v6000[1700088]: (BRS
YD87)[1]BIP2322E: Database error: SQL State '08001'; Native Error Code '-30082';
Error Text '[IBM][CLI Driver] SQL30082N Attempt to establish connection failed
with security reason "3" ("PASSWORD MISSING"). SQLSTATE=08001 '. : BrokernameXXX.age
nt: /build/S000_P/src/DataFlowEngine/ImbOdbc.cpp: 360: ImbOdbcHandle::checkRcInn
er: :
Jul 7 16:19:11 hostnameXXX user:err|error WebSphere Broker v6000[1700088]: (BRS
YD87)[1]BIP2053E: The broker made an unsuccessful attempt to access its database
WMQIBKDB with userid BrokernameXXX. : BrokernameXXX.agent: /build/S000_P/src/AdminAgent/Imb
AdminAgent.cpp: 480: ImbAdminAgent::instanceOfAdminAgent: :

Should this work? Am I missing something?

Also, just wondering how others handle this situation.

Any assistance is appreciated. Thanks.