Use the mqsiwebuseradmin command to administer user accounts for the web user interface on z/OS®.
>>-mqsiwebuseradmin--integrationNodeName--+- l= +---------------> +- c= + +- m= + '- d= ' >--+---------------+--+---------------+--+-----------+----------> '- u= -username-' +- a= -password-+ '- r= -role-' '- x= ----------' >--+-------------------+--+-----------------------+------------>< '- -w --timeoutSecs-' '- -v -- traceFileName -'
Synonym: wua
>>-+-webuseradmin-+--+-l=yes-+--+------------+------------------> '-wua----------' +-c=yes-+ '-u=username-' +-m=yes-+ '-d=yes-' >--+------------+--+--------+--+---------------+----------------> +-a=password-+ '-r=role-' '-w=timeoutSecs-' '-x=yes------' >--+-----------------+----------------------------------------->< '-v=traceFileName-'
Assuming that you have not specified a value of '*' for the -u parameter, if you do not specify the -r parameter when you create a web user account (by specifying the -c parameter), a default role is created with the same name as the web user account. If you are using queue-based authorization, the web user account that you create must have the same name as the system user account that has been specified on the system.
If you have specified a value of '*' for the -u parameter, and you also specify the -r parameter, all LDAP users that are not already defined as web users on the integration node will be mapped to the same role, namely the role specified in the -r parameter.
If you have specified a value of '*'' for the -u parameter, and a value of '*' for the -r parameter, then, following LDAP authentication, when doing queue-based authorization, you are responsible for ensuring that the relevant user accounts are defined and have the relevant authorizations defined.
For more information about roles, see Role-based security.
You can set this parameter to a value in the range 1 - 2 145 336 164. If you do not provide a timeoutValue value, or you set a value less than 1 or greater than 2 145 336 164 is specified, an error is returned.
Set this parameter to a value greater than the sum of the configuration timeout parameters ConfigurationChangeTimeout and InternalConfigurationTimeout that you specified for the integration node, if you want to ensure that a response is received within the timeoutValue period. If you set a smaller value, the response returned might indicate that the state of the deploy request is unknown.
In previous versions of IBM® Integration Bus, you might have used the q= parameter for this command to define a connection to a queue manager. A queue manager connection is no longer used to connect to an integration node. The q= parameter is now deprecated, and is ignored if used. If you use the q= parameter, a BIP1922 warning is displayed.
mqsiwebuseradmin IBNODE c= u=webuser1 r=admin a=password
mqsiwebuseradmin IBNODE m= u=webuser1 a=newpassword
mqsiwebuseradmin IBNODE c= u='*' x= r=iibuser
mqsiwebuseradmin IBNODE d= u=webuser1
F IBNODE,wua c=yes,u=webuser1, r=admin, a=password
F IBNODE,wua m=yes, u=webuser1, a=n3wpass
F IBNODE, wua d=yes, u=webuser1