Preventing security access checks on AIX, Linux, and Windows systems
Note: This topic describes functionality that is not recommended to be enabled. To turn off security checking you can disable the object authority manager (OAM). This might be suitable for a test environment. When disabled, the queue manager is no longer be able to perform authorization or connection authentication checks. TLS, Channel Authentication records, and security exits can still be used. Having disabled or removed the OAM, you cannot add an OAM to an existing queue manager.
If you decide that you do not want to perform security checks (for example, in a test environment), you can disable the OAM in one of two ways:
- Before you create a queue manager, set the operating system environment variable MQSNOAUT.
For information about the implications of setting the MQSNOAUT variable, and how you set MQSNOAUT on AIX®, Linux®, and Windows, see Environment variables descriptions.
- Edit the queue manager configuration file to remove the service.
- The OAM does not validate the specified principal, or group, meaning that the command can accept invalid values.
- The OAM does not perform security checks and indicates that all principals and groups are authorized to perform all applicable object operations.
- Any credentials passed to the OAM for authentication checks are not validated.