MQSeries.net :: View topic - mqsicreateaclentry for Deploys / View only

PeterPotkay · Posted: Tue Sep 18, 2007 5:26 pm Post subject:

ACL Permissions

This link shows I can grant "Deploy" for a Broker, and the description says "Deploy Broker Configuration". Does that mean a user / group with this ACL permission will be able to deploy to all Execution Groups on that Broker, as well as view? I'm not clear on what exactly "Deploy Broker Configuration" means.

I have 6 users who I want to be able to deploy flows, stop/start flows and veiw anything and everything, but nothing else. I'm going to put all their domain IDs into a new local group called WMBUsers on the Config Manager server.

It looks like if I gave Deploy rights for these users for each Execution Group that would do it, but I have multiple Brokers with multiple Execution Groups. I would prefer not having to run the command over and over for each Execution Group.

Will this:
mqsicreateaclentry -g WMBUsers -a -x D -b MyBrokerName

give them what I want for all EGs on a Broker, or am I misinterpreting what Deploy Broker Configuration means? I will try it but I want to know if I'm granting to much rights?

Or do I have to do this:
mqsicreateaclentry -g WMBUsers -a -x D -e EG1
mqsicreateaclentry -g WMBUsers -a -x D -e EG2
mqsicreateaclentry -g WMBUsers -a -x D -e EG3
mqsicreateaclentry -g WMBUsers -a -x D -e EG4
mqsicreateaclentry -g WMBUsers -a -x D -e EG5
mqsicreateaclentry -g WMBUsers -a -x D -e EG6
mqsicreateaclentry -g WMBUsers -a -x D -e EG7
mqsicreateaclentry -g WMBUsers -a -x D -e EG8
mqsicreateaclentry -g WMBUsers -a -x D -e EG9
_________________
Peter Potkay
Keep Calm and MQ On