WebSphere MQ Everyplace provides a sample Windows NT authenticator, but the
default WebSphere MQ Everyplace installation does not make all the changes
necessary for this authenticator to execute. If you wish to use the
authenticator you should complete the following configuration.
- Note:
- The Windows NT authenticator is used by the MQe_Explorer that is shipped in
SupportPac ES02.
- The file JavaNT.dll, which interfaces between WebSphere MQ
Everyplace and Windows security, must be placed in the search path or in the
current directory. In a standard installation, this file is located in
C:\Program Files\MQe\Java\demo\Windows\i86\NT. Put a copy of this
file in the directory that contains your Windows .dll files (normally
C:\WINNT\system32).
- Note:
- This makes the sample authenticator available to all WebSphere MQ Everyplace
applications. If you only wish to make the authenticator available to
the MQe_Explorer, put the copy of JavaNT.dll in the same directory as
MQe_Explorer.exe.
- Security permissions must be set correctly for the JavaNT.dll to be
granted permission to access the Windows user/password database.
- On Windows 2000:
-
- From the Start button click on Programs, then Administrative Tools, then
Local Security Policy
- In the Local Security Settings panel click on Local Policies in the left
hand pane, then User Rights Assignment. In the right hand pane check
that your current user ID is assigned all of the following
privileges:
- Act as part of the operating system
- Log on as a service
- Log on locally
If all these privileges are not assigned to your ID, double click the
relevant privilege and add your user ID.
- On Windows NT:
-
- From the Start button click on Programs, then Administrative Tools, then
User Manager.
- In the Policies menu click on User Rights
- In the User Rights Policy dialogue, check the box Show Advanced User
Rights. Check the following rights in turn:
- Act as part of the operating system
- Log on as a service
- Log on locally
Each right should be granted to the logged on user
ID. If your ID, or a group to which your ID belongs, is not
listed for any of these rights, click the Add button to add your ID to the
Grant to list.
When all the privileges have been set you must then logoff Windows and
logon again to get these privilege enabled for the current session (it is not
necessary to reboot the machine).
© IBM Corporation 2002. All Rights Reserved