Securing MQ RESLEVEL
search cancel

Securing MQ RESLEVEL

book

Article ID: 244484

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

How to protect RESLEVELs profiles in MQ 9.0 under Top Secret?

Environment

Release : 16.0

Component : Top Secret for z/OS

Resolution

IBM MQ 9.0 RESLEVEL security documentation explains:

  • How the MQ product will react depending on the ACCESS level you set on the PERMIT in the BATCH environment.

  • How MQ will behave in the CICS connection based on the ACCESS level you give it on the PERMIT mentioned above.

  • How MQ will behave in the channel initiator connection based on the ACCESS level you give it on the PERMIT mentioned above.

-----------------------------------------------------------------------

1. If you decide to secure RESLEVEL resource, define them to TSS via:

TSS ADD(owningacid) MQADMIN(hlp)

TSS ADD(owningacid) MXADMIN(hlq)

Where hlq can be either ssid (subsystem ID) or qsg (queue sharing group ID).

 

2. Then PERMIT them to their respective users or PROFILEs:

TSS PER(acid/profile) MQADMIN(hlp.RESLEVEL) ACCESS(accesslevel)

TSS PER(acid/profile) MXADMIN(hlq.RESLEVEL) ACCESS(accesslevel)

Where hlq can be either ssid (subsystem ID) or qsg (queue sharing group ID).

 

Powered by Wolken Software