Scribd Logo
Upload

Welcome to Scribd!

  • 369 views

    How To Remove An IBM MQ Channel Authentication Record (CHLAUTH)

    Uploaded by

    muraliarepu
    This document provides guidance on how to remove an IBM MQ channel authentication record (CHLAUTH) that was previously added. It explains that when specifying attributes like the CLNTUSER in the SET CHLAUTH command to remove the record, the value must be enclosed in single quotes to prevent it from being converted to uppercase. It also clarifies that not all attributes used to create the record can be used to remove it, as some are not valid parameters for the REMOVE action. An example demonstrating these points is provided.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    How To Remove An IBM MQ Channel Authentication Record (CHLAUTH)

    Uploaded by

    muraliarepu
    369 views3 pages
    This document provides guidance on how to remove an IBM MQ channel authentication record (CHLAUTH) that was previously added. It explains that when specifying attributes like the CLNTUSER in the SET CHLAUTH command to remove the record, the value must be enclosed in single quotes to prevent it from being converted to uppercase. It also clarifies that not all attributes used to create the record can be used to remove it, as some are not valid parameters for the REMOVE action. An example demonstrating these points is provided.

    Original Description:

    Original Title

    How to remove an IBM MQ channel authentication record (CHLAUTH)

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides guidance on how to remove an IBM MQ channel authentication record (CHLAUTH) that was previously added. It explains that when specifying attributes like the CLNTUSER in the SET CHLAUTH command to remove the record, the value must be enclosed in single quotes to prevent it from being converted to uppercase. It also clarifies that not all attributes used to create the record can be used to remove it, as some are not valid parameters for the REMOVE action. An example demonstrating these points is provided.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    369 views3 pages

    How To Remove An IBM MQ Channel Authentication Record (CHLAUTH)

    Uploaded by

    muraliarepu
    This document provides guidance on how to remove an IBM MQ channel authentication record (CHLAUTH) that was previously added. It explains that when specifying attributes like the CLNTUSER in the SET CHLAUTH command to remove the record, the value must be enclosed in single quotes to prevent it from being converted to uppercase. It also clarifies that not all attributes used to create the record can be used to remove it, as some are not valid parameters for the REMOVE action. An example demonstrating these points is provided.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 3

    Page 1 of 3

    How to remove an IBM MQ channel authentication record (CHLAUTH)

    https://www.ibm.com/support/pages/node/196565

    Date last updated: 10-Apr-2022

    Angel Rivera
    IBM MQ Support
    https://www.ibm.com/products/mq/support
    Find all the support you need for IBM MQ

    +++ Question

    You have added a channel authentication record into an IBM MQ queue manager:
    SET CHLAUTH(*) TYPE(USERMAP) CLNTUSER(testuser) USERSRC(CHANNEL) ACTION(ADD)
    AMQ8877: WebSphere MQ channel authentication record set.

    Then you display it:


    DISPLAY CHLAUTH(*) TYPE(USERMAP)
    AMQ8878: Display channel authentication record details.
    CHLAUTH(*) TYPE(USERMAP) CLNTUSER(testuser) USERSRC(CHANNEL)

    Now you want to remove it and you try executing the following runmqsc command which
    you constructed using copy and paste from the above output:
    DELETE CHLAUTH(*) TYPE(USERMAP) CLNTUSER(testuser) USERSRC(CHANNEL)

    But you get the following error:


    AMQ8405: Syntax error detected at or near end of command segment below:
    DELETE CHLAUTH The DELETE CHLAUTH does not exist

    After consulting the online manual for MQ you read that you have to use:
    SET CHLAUTH command with the argument ACTION(REMOVE)

    You try now:


    SET CHLAUTH(*) TYPE(USERMAP) CLNTUSER(testuser) ACTION(REMOVE)
    But you get the following error:
    AMQ8884: Channel authentication record not found.
    You specified the attribute CLNTUSER(testuser) as it was shown in the output of the DISPLAY
    CHLAUTH(*), thus, you think the record should be found. You want to know what is the
    problem?
    Page 2 of 3

    +++ Cause

    See the following sections of the online manual:

    https://www.ibm.com/docs/en/ibm-mq/9.2?topic=administering-administration-using-
    mqsc-commands
    IBM MQ / 9.2 /
    Administration using MQSC commands
    "Keywords are not case sensitive: AltER, alter, and ALTER are all acceptable. Anything that
    is not contained within quotation marks is folded to uppercase."

    https://www.ibm.com/docs/en/ibm-mq/9.2?topic=objects-rules-naming-mq
    IBM MQ / 9.2 /
    Rules for naming IBM MQ objects
    Characters in object names
    "In MQSC scripts, names with lowercase characters must be enclosed in single quotation
    marks.
    This prevents the lowercase characters being folded into uppercase."

    The above means that when specifying the SET command with the following value:
    CLNTUSER(testuser)

    … the string 'testuser' will be folded to upper-case resulting in the following value being
    actually used by runmqsc:
    CLNTUSER(TESTUSER)

    And in this case, there is no record for the user TESTUSER (the record is for 'testuser').
    Answer

    NOTICE that the userid mentioned in the CLNTUSER field of the output of the DISPLAY
    CHLAUTH command is NOT surrounded by single quotes.
    However, you MUST include the single quotes when specifying the value during an
    ACTION(REMOVE):

    SET CHLAUTH(*) TYPE(USERMAP) CLNTUSER('testuser') ACTION(REMOVE)


    Page 3 of 3

    ++ Example of record with more attributes

    Let's examine the case when a record has more attributes, such as:

    SET CHLAUTH(MY.CHANNEL) TYPE(USERMAP) CLNTUSER('client_1') USERSRC(MAP)


    MCAUSER('user_1') ADDRESS('*') ACTION(ADD)
    AMQ8877: MQ channel authentication record set.

    display CHLAUTH(MY.CHANNEL)
    AMQ8878: Display channel authentication record details.
    CHLAUTH(MY.CHANNEL) TYPE(USERMAP)DESCR( ) CUSTOM( ) ADDRESS(*) CLNTUSER(client_1)
    MCAUSER(user_1) USERSRC(MAP)

    You want to delete the record and you try the following command which is based on the
    command that worked well for a simpler case. But this time, it fails:

    SET CHLAUTH(MY.CHANNEL) TYPE(USERMAP) CLNTUSER('client_1') ACTION(REMOVE)


    AMQ8884: Channel authentication record not found.

    You try the original command that created the record, but changing the action to REMOVE:
    SET CHLAUTH(MY.CHANNEL) TYPE(USERMAP) CLNTUSER('client_1') USERSRC(MAP)
    MCAUSER('user_1') ADDRESS('*') ACTION(REMOVE)
    AMQ8885: Parameter not allowed for this action on a channel authentication record.

    The attribute USERSRC is not a valid parameter for the REMOVE action (see table below).
    Therefore, by removing this attribute, then the following command worked successfully to
    remove the record:
    SET CHLAUTH(MY.CHANNEL) TYPE(USERMAP) CLNTUSER('mengano') ADDRESS('*')
    ACTION(REMOVE)
    AMQ8877: MQ channel authentication record set.

    See:
    https://www.ibm.com/docs/en/ibm-mq/9.2?topic=reference-set-chlauth-create-modify-
    channel-authentication-record
    IBM MQ / 9.2 /
    SET CHLAUTH (create or modify a channel authentication record)
    Use the MQSC command SET CHLAUTH to create or modify a channel authentication record.
    .
    You need to take a look at the table:

    Usage notes
    The following table shows which parameters are valid for each value of ACTION

    +++ end

    You might also like