To create a new Channel authentication record:
- Click the Add
button within a Channel authentication record (channel auth rec) viewlet. The Select Object Path window opens.
- Specify the workgroup server, node, queue manager (leave the asterisk to create a new channel authentication record in all queue managers of the workgroup server) and object subtype. You can create Block User Map, Block Address Map, SSL Peer Map, Address Map, User Map or Queue Manager Map channel authentication record types. For more information, please see the following IBM documentation: https://www.ibm.com/support/knowledgecenter/en/SSFKSJ_9.0.0/com.ibm.mq.explorer.doc/e_properties_chlauth.html.
- Click Select path to open the Channel Authentication Record Create window.
- Every channel auth rec type has two common tabs: General and Extended. On the General tab specify the channel profile name and add the description.
- On the Extended tab, specify Yes or No from the Warning drop-down. Setting this option to Yes will use a warning instead of blocking access.
- Within the Custom field, enter new feature configurations before separate attributes have been introduced.
- Block channel auth recs will have the Block tab as seen below. Specify users who should not have access to this channel (or channels). Creation of a Block User Map authentication record is displayed in the figure below.
- Instead of the User list field as seen above, the Block tab of a Block Address Map will have an Address list field. Enter the IP address(es) or IP address pattern(s) to be blocked from connecting to this queue manager using any channel. The IP address pattern(s) can also include an asterisk as a wildcard to represent one or more parts of the address.
- SSL Peer Map, Address Map, User Map and Queue Manager Map records have the Address tab. An Address field appears on this tab which is used as a filter. Specify the filter to be used to compare with the client or partner queue manager's IP address at the other end of the channel.
- SSL Peer channel auth recs have the SSL Peer tab. This tab has fields to specify SSL Peer and SSL/TSL Issuer’s Distinguished Name.
- User Map channel auth recs also have a ClientUser tab to specify Client user ID.
- Queue Manager Map records have the Queue Manager tab to specify the Remote queue manager.