| Author |
Message
|
| venuprsd |
 Posted: Mon Apr 02, 2012 9:20 pm Post subject: Broker Service Id details |
 |
|
Apprentice
Joined: 15 Aug 2010
Posts: 44
|
Hi Experts,
We are having separate Broker Service Id and DB Service Id in AIX Env.
Is that manadatory Broker Service Id password should be in non expiry in AIX Level?
Kindly provide me your valuable suggestions. I read in help center and now where it is mentioned. We are using MB 6.1
Thank you so much
Venu:) |
|
| Back to top |
|
 |
| smdavies99 |
| Posted: Mon Apr 02, 2012 9:40 pm Post subject: Re: Broker Service Id details |
|
|
Jedi Council
Joined: 10 Feb 2003
Posts: 6076
Location: Somewhere over the Rainbow this side of Never-never land.
|
| venuprsd wrote: |
Hi Experts,
We are having separate Broker Service Id and DB Service Id in AIX Env.
Is that manadatory Broker Service Id password should be in non expiry in AIX Level
|
Just think about what would happen if the Broker Service account password was changed or expired...
Say the pwd expired and you are in a HACMP envirnoment and you had to failover. Would the broker be able to start on the other machine if the pwd didn't match what was configured OR the pwd had expired?
Then go and try explaining to your bosses that the critical transfer of $10/$10K/$10M or even $10B of funds into the company had not been done.
All sorts of ramifications (both legal and financial) could hit them.
If you can be totally sure that the procedure for expiring the broker accnt password and then updating the broker data with the new one is TOTALLY INFALLABLE then regular password expiry is really not a good idea.
Please tell us why you are thinking of doing this?
Was it some so called 'security expert/consultant' who insists that all passwords my be changed hourly/daily/weekly?
Please tell us, we'd like to know.
_________________
WMQ User since 1999
MQSI/WBI/WMB/'Thingy' User since 2002
Linux user since 1995
Every time you reinvent the wheel the more square it gets (anon). If in doubt think and investigate before you ask silly questions. |
|
| Back to top |
|
|
| joebuckeye |
| Posted: Tue Apr 03, 2012 4:40 am Post subject: Re: Broker Service Id details |
|
|
Partisan
Joined: 24 Aug 2007
Posts: 365
Location: Columbus, OH
|
| venuprsd wrote: |
| Is that manadatory Broker Service Id password should be in non expiry in AIX Level? |
Only if you want to stay sane.
I would also suggest disabling login in for that id. If someone needs to use that id make them sudo over to it. That provides an audit trail for who logged in as that id. |
|
| Back to top |
|
|
| Vitor |
| Posted: Tue Apr 03, 2012 4:44 am Post subject: Re: Broker Service Id details |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| joebuckeye wrote: |
| I would also suggest disabling login in for that id. If someone needs to use that id make them sudo over to it. That provides an audit trail for who logged in as that id. |
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| lancelotlinc |
| Posted: Tue Apr 03, 2012 5:06 am Post subject: |
|
|
Jedi Knight
Joined: 22 Mar 2010
Posts: 4941
Location: Bloomington, IL USA
|
|
| Back to top |
|
|
|
|
