MQSeries.net :: View topic - MQ typical user id problem

MQSeries.net

Tech Exchange

Education

Certifications

Library

Info Center

SupportPacs

FAQÂ Â

Usergroups

RSS Feed - WebSphere MQ Support

RSS Feed - Message Broker Support

MQSeries.net Forum Index » Mainframe, CICS, TXSeries » MQ typical user id problem

MQ typical user id problem

« View previous topic :: View next topic »

Author

Message

gsrinidhi

Posted: Tue Dec 19, 2006 10:40 am Post subject: MQ typical user id problem

Novice

Joined: 17 Jan 2006
Posts: 17
Location: mi

Hi,

We have messages coming from one mainframe Lpar to another.
It comes through something called IMS link between both lpar.

When it comes to another mainframe it executes a online IMS transaction. Then tries to put a message to mq. At this point it abends which says Login id not found.

Is it compulsory that the used ids to be present on both Lpars? In that case we have created 100s of user ids

The IMS link is better and does not need user id to be created on both lpar. It just validates at the orgin mainframe and executes the transaction on destination mainframe/lpar. It check once which seems to be better.

Is there a solution for this?

Thanks in advance,

Srinidhi

kevinf2349

Posted: Tue Dec 19, 2006 1:09 pm Post subject: Re: MQ typical user id problem

Grand Master

Joined: 28 Feb 2003
Posts: 1311
Location: USA

gsrinidhi wrote:

Is it compulsory that the used ids to be present on both Lpars? In that case we have created 100s of user ids

I would hope it was compulsory! If it wasn't it would be a huge security hole. I guess you could share the security database to prevent having to duplicate userids though

(Just my 2 cents)

gsrinidhi

Posted: Wed Dec 20, 2006 1:20 pm Post subject:

Novice

Joined: 17 Jan 2006
Posts: 17
Location: mi

Thanks for your feedback. In case of ims link the user is on the orgination side of mainframe. The security check is done at that time. Once security is checked it executes transaction remotely. For this you dont need users to be present on other mainframe. There is no security hole since only way the transaction executed is remotely.

Also you cant share security database on different mainframe if external subsystem.

Also dont want to create array of users on both lpars.

The solution was simple in ims link rather it complicates in mq. So architect want to go away from mq.

Thanks

kevinf2349

Posted: Wed Dec 20, 2006 2:45 pm Post subject:

Grand Master

Joined: 28 Feb 2003
Posts: 1311
Location: USA

Couldn't you utilise the alternate userid field for everything coming in from your system?

bruce2359

Posted: Wed Dec 20, 2006 3:52 pm Post subject:

Guest

you said "Then tries to put a message to mq. At this point it abends which says Login id not found. "

What tries to put a message to mq? What abends? What issues the Login id not found message? Mainframe applications issue message ids along with the narrative. What error message did you get? Where?

I'd take a wild guess and speculate that the two lpars do not share a racf database, and therefore the userids passed from one mainframe application (IMS) to another (MQ) are not being validated on the MQ instance. But lacking anything specific, it's just a guess.

A RACF database can be shared across lpars.

Display posts from previous:

Page 1 of 1

MQSeries.net Forum Index » Mainframe, CICS, TXSeries » MQ typical user id problem

Jump to:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Protected by Anti-Spam ACP