To Set Up an Administrative User

The following procedure makes use of a broker's access control file, which is described in User Authorization.

1. Enable the use of the access control file by setting the broker property imq.accesscontrol.enabled to true, which is the default value.

   The imq.accesscontrol.enabled property enables use of the access control file.

2. Open the access control file, accesscontrol.properties. The location for the file is listed in Appendix A, Distribution-Specific Locations of Message Queue Data

   The file contains an entry such as the following:

   service connection access control##################################connection.NORMAL.allow.user=*connection.ADMIN.allow.group=admin

   The entries listed are examples. Note that the admin group exists by default in the file-based user repository but does not exist by default in the LDAP directory.

3. To grant Message Queue administrator privileges to users, enter the user names as follows:

   connection.ADMIN.allow.user= userName[[,userName2] …]

   The users must be defined in the LDAP directory.

4. To grant Message Queue administrator privileges to groups, enter the group names as follows:

   connection.ADMIN.allow.group= groupName[[,groupName2] …]

   The groups must be defined in the LDAP directory.