App Connect

App Connect

Join this online user group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  AMQ9776E: Channel was blocked by userid

    Posted 26 days ago

    Hi Team,

    I want to bring to your attention an issue that I have encountered with our virtual machines. I have two Windows VMs, VM1 and VM2, where VM1 is configured for IBM MQ 9.4.2 and VM2 is for the IBM ACE V13 Integration node. The message flow deployed on VM2 connects to the queue on VM1 via a client using the server connection channel, host, and port.

    Both VM1 and VM2 are running services using the same domain account username (Working fine with a different domain account). However, when the MQ input node attempts to establish the connection, the following error has been spotted on the Queue manager log.

    I would appreciate it if you could take a look at the issue and provide your insights on how we can resolve it. Thank you for your assistance.

    MQSC Commands:

    DEFINE CHANNEL(ESB.BLKALDN.SVRCONN) CHLTYPE(SVRCONN) TRPTYPE(TCP) DESCR('Server connection for ESB Server') REPLACE
SET AUTHREC OBJTYPE(QMGR) PRINCIPAL('Svc_Middleware@APAC') AUTHADD(ALL)
SET AUTHREC PROFILE('*') OBJTYPE(QUEUE) PRINCIPAL('Svc_Middleware@apac') AUTHADD(ALL)
SET AUTHREC PROFILE('SYSTEM.ADMIN.COMMAND.QUEUE') OBJTYPE(QUEUE) PRINCIPAL('Svc_Middleware@apac') AUTHADD(ALL)
SET CHLAUTH('ESB.BLKALDN.SVRCONN') TYPE(ADDRESSMAP) ADDRESS('*') USERSRC(NOACCESS)
SET CHLAUTH(ESB.BLKALDN.SVRCONN) TYPE(ADDRESSMAP) ADDRESS('172.19.2.93') USERSRC(CHANNEL) ACTION(ADD)
REFRESH SECURITY TYPE(CONNAUTH)

    Error:

    03/06/2025 15:57:25 - Process(6292.2) User(Svc_Middleware) Program(amqrmppa.exe)
Host(CMNRMQDV01) Installation(v9420)
VRMF(9.4.2.0) QMgr(MYMQ)
Time(2025-06-03T05:57:25.041Z)
RemoteHost(172.19.2.93)
CommentInsert1(ESB.BLKALDN.SVRCONN)
CommentInsert2(172.19.2.93)
CommentInsert3(MCAUSER(Svc_Middleware) CLNTUSER(Svc_Middleware) ADDRESS(cmnresbdv02))

AMQ9776E: Channel was blocked by userid

EXPLANATION:
The inbound channel 'ESB.BLKALDN.SVRCONN' was blocked from address
'172.19.2.93' because the active values of the channel were mapped to a userid
which should be blocked. The active values of the channel were
'MCAUSER(Svc_Middleware) CLNTUSER(Svc_Middleware) ADDRESS(cmnresbdv02)'.
ACTION:
Contact the systems administrator, who should examine the channel
authentication records to ensure that the correct settings have been
configured. The ALTER QMGR CHLAUTH switch is used to control whether channel
authentication records are used. The command DISPLAY CHLAUTH can be used to
query the channel authentication records.


    ------------------------------
    Thanga Perumal
    ------------------------------


  • 2.  RE: AMQ9776E: Channel was blocked by userid

    Posted 26 days ago

    add to your setup

    alter qmgr revdns(disabled)

set chlauth(ESB.BLKALDN.SVRCONN) type(blockuser) userlist('nobody') warn(no) action(replace)

    This will take care of the address and any problems by having the ESB user a member of the mqm group.

    Hope it helps



    ------------------------------
    Francois Brandelik
    ------------------------------

    Original Message


Related Content