How do I setup rules to enable/disable usage of IBM File Manager?s Websphere MQ support?

Document ID : KB000013865
Last Modified Date : 14/02/2018
Show Technical Document Details
Question:

How do I setup rules to enable/disable usage of IBM File Manager’s Websphere MQ support?

 

Answer:

The  File Manager’s Websphere MQ resource validations are based on the Resource FMNMQ.DISABLE.system_name which 'disables' or disallows access. If a user has READ access or higher to the 'disable' resource FMNMQ.DISABLE.system_name the user is not allowed to Websphere MQ functionality within File Manager. If a user has no access to the 'disable' resource FMNMQ.DISABLE.system_name the user is allowed to Websphere MQ functionality within File Manager.

In the IBM 'Disabling Websphere MQ feature by system name' examples: 

Example 1. Define a profile to disable all users on the system that is named FMPROD except "myuser". The ACF2 sample rule would be:

$KEY(FMNMQ) TYPE(FAC)
 DISABLE.system_name UID(uid string for myuser) PREVENT
 DISABLE.system_name UID(*) SERVICE(READ)

User myuser has No access so myuser will be allowed to Websphere MQ functionality within File Manager.

All other users have READ access so all other users will not be allowed to Websphere MQ functionality within File Manager. 

Example 2. Define a profile to enable all users on the system that is named FMPROD except "myuser". The ACF2 sample rule would be:

$KEY(FMNMQ) TYPE(FAC)
 DISABLE.system_name UID(uid string for myuser) SERVICE(READ) ALLOW
 DISABLE.system_name UID(*) PREVENT

User myuser has READ access so myuser will not be allowed to Websphere MQ functionality within File Manager.

All other users have NO access so all other users will be allowed to Websphere MQ functionality within File Manager.