Windows security configuration
Java development
WebSphere MQ Everyplace provides a sample Windows NT authenticator, but the default WebSphere MQ Everyplace installation
does not make all the changes necessary for this authenticator to execute.
If you wish to use the authenticator you should complete the following configuration.
Note:
The Windows NT authenticator is used by the MQe_Explorer that is shipped
in SupportPac ES02.
- The file JavaNT.dll, which interfaces between WebSphere MQ Everyplace and Windows
security, must be placed in the search path or in the current directory.
In a standard installation, this file is located in C:\Program Files\MQe\Java\demo\Windows\i86\NT. Put a copy of this file in the directory that contains your Windows .dll files (normally C:\WINNT\system32).
Note:
This
makes the sample authenticator available to all WebSphere MQ Everyplace applications. If you
only wish to make the authenticator available to the MQe_Explorer, put the copy
of JavaNT.dll in the same directory as MQe_Explorer.exe.
- Security permissions must be set correctly for the JavaNT.dll to
be granted permission to access the Windows user/password database.
- On Windows 2000:
-
- From the Start button click on Programs, then Administrative
Tools, then Local Security Policy
- In the Local Security Settings panel click on Local Policies in the left hand pane, then User Rights Assignment. In the
right hand pane check that your current user ID is assigned
all of the following privileges:
- Act as part of the operating system
- Log on as a service
- Log on locally
If all these privileges are not assigned to your ID, double click the
relevant privilege and add your user ID.
- On Windows NT:
-
- From the Start button click on Programs, then Administrative
Tools, then User Manager.
- In the Policies menu click on User Rights
- In the User Rights Policy dialogue, check the box Show Advanced
User Rights. Check the following rights in turn:
- Act as part of the operating system
- Log on as a service
- Log on locally
Each right should be granted to the logged on user ID.
If your ID, or a group to which your ID belongs, is not listed for any of
these rights, click the Add button to add your ID to the Grant
to list.
When all the privileges have been set you must then logoff Windows and
logon again to get these privilege enabled for the current session (it is
not necessary to reboot the machine).
C development
WebSphere MQ Everyplace provides a sample Windows CE authenticator. If you want to use the
authenticator, copy the WinCEAuthenticator.dll to your decive. Refer to Error and error handlingfor information on how to do this.