101. How will we start a command server?
Depending on the value of the queue manager attribute, SCMDSERV, thecommand server is either started automatically when the queue manager starts, or must be started manually.
Start: Using strmqcsv saturn.queue.manager where saturn.queue.manager is the QM name
Display: dspmqcsv Stop: endmqcsv
102. When we use CCSID attribute of the ALTER QMGR command to change the CCSID of the QM what are the components that need to be restarted?
Stop and restart the queue manager, stop and restart command server (Acommand server processes command messages) and channel programs
103. What is a MQ Series Queue manager Configuration file (qm.ini)?
A queue manager configuration file (qm.ini) to effect changes for specificqueue managers. There is one qm.ini file for each queue manager on the node. (A queue manager configuration file, qm.ini, contains config information relevant to a specific queue manager. There is one queue managerconfiguration file for each queue manager. The qm.ini file is automaticallycreated when the queue manager with which it is associated is created. For example, the path and the name for a configuration file for a queue manager called QMNAME is:/var/mqm/qmgrs/QMNAME/qm.ini)
104. What is name transformation in naming a Queue manager Configuration File?
A qm.ini file is held in the root of the directory tree occupied by the queue manager. For example, the path and the name for a configuration file for a queue manager called QMNAME is: /var/mqm/qmgrs/QMNAME/qm.ini A directory name is generated based on the queue manager name. This process is known as name transformation.
105. What is a Websphere MQ configuration file (mqs.ini)?
Contains information relevant to all the queue managers on the node. It is created automatically during installation (The WebSphere MQ configuration file, mqs.ini, contains information relevant to all the queue managers on the node. It is created automatically during installation. The mqs.ini file for WebSphere MQ for UNIX systems is in the /var/mqm directory. It contains: v The names of the queue managers v The name of the default queue manager The location of the files associated with each of them)
106. How can we edit the configuration files?
Automatically using commands that change the configuration of queue managers on the node, Manually using a standard text editor
107. When security checks are made?
Connecting to the queue manager (MQCONN or MQCONNX calls), Opening the object (MQOPEN or MQPUT1 calls), Putting and getting messages (MQPUT or MQGET calls), Closing the object (MQCLOSE)
108. What is FFST?
First Failure Support Technology For MQSeries for UNIX systems, FFST information is recorded in a file in the /var/mqm/errors directory. These errors are normally severe, unrecoverable errors, and indicate either a configurationproblem with the system or an MQSeries internal error. The files are named AMQnnnnn.mm.FDC, where: nnnnn Is the ID of the process reporting the error mm Is a sequence number, normally 0 When a process creates an FFST record, it also sends a record to syslog. The record contains the name of the FFST file to assist in automatic problem tracking
109. How to re-Create Damaged Objects Using Log files?
1.Rcdmqimg: Use this command to write an image of an object, or group of objects, to the log for use in media recovery. This command can only be used when using linear logging.
Use the associated command rcrmqobj to recreate the object from the image.
2.Rcrmqobj: Use this command to recreate an object, or group of objects, from their images contained in the log. This command can only be used when using linear logging
Use the associated command, rcdmqimg, to record the object images to the log.
Types of recovery:
Restart recovery: When you stop WebSphere MQ in a planned way.
Crash recovery: When a failure stops WebSphere MQ.
Media recovery: To restore damaged objects.
110. What are the locations and files of the Error Logging?
MQ Series Level Errors
C:ProgramFilesIBMWebSphere MQerrorsà AMQERR01.LOG, AMQERR02.LOG, AMQERR03.LOG
Qmanager Level errors
C:ProgramFilesIBMWebSphere MQQmgrserrorsà AMQERR01.LOG, AMQERR02.LOG, AMQERR03.LOG
errors
111. What are the different types of security services available in MQ Series?
Identification & Authentication
Access control à The access control service protects critical resources in a system by limiting access only to authorized users and their applications.
Confidentiality à The confidentiality service protects sensitive information from unauthorized disclosure
Data integrity à The data integrity service detects whether there has been unauthorized modification of data. There are two ways in which data might be altered: accidentally, through hardware and transmission errors, or because of a deliberate attack, Non-repudiation.
CommandsFor Authorization:
1.setmqaut: Command used to change the authorizations to a profile, object or class of objects. Authorizations can be granted to, or revoked from, any number of principals or groups.
2.dspmqaut: Command to display the current authorizations to a specified object. If a user ID is a member of more than one group, this commanddisplays the combined authorizations of all the groups.
Only one group or principal can be specified.
3.dmpmqaut: Command to dump the current authorizations to a specified object.
112. What are the different methods handled by MQ Series for securing a message?
Cryptography Message digests
Digital signatures Digital certificates
Public Key Infrastructure (PKI)
113. What is Cryptography, Why and where it is used in MQ Series?
Cryptography is the process of converting between readable text, called plaintext, and an unreadable form, called cipher text.
The sender converts the plaintext message to cipher text. This part of the process is called encryption (sometimes encipherment).The cipher text is transmitted to the receiver. The receiver converts the cipher text message back to its plaintext form. This part of the process is called decryption (sometimes decipherment).
The conversion involves a sequence of mathematical operations that change the appearance of the message during transmission but do not affect the content. Cryptographic techniques can ensure confidentiality and protect messages against unauthorized viewing (eavesdropping), because an encrypted message is not understandable. Digital signatures, which provide an assurance of message integrity, use encryption techniques.
114. What is a Message Digest, Digital Signature and Digital Certificate?
Message digest: Is also known as a Message Authentication Code (MAC), because it can provide assurance that the message has not been modified. The message digest is sent with the message itself. The receiver can generate a digest for the message and compare it with the sender’s digest. If the two digests are the same, this verifies the integrity of the message. Any tampering with the message during transmission almost certainly results in a different message digest.
Digital signature: Is formed by encrypting a particular representation of a message the encryption uses the private key of the signatory and, for efficiency, usually operates on a message digest rather than the message itself. Digital signatures vary with the data being signed, unlike handwritten signatures, which do not depend on the content of the document being signed. If two different messages are signed digitally by the same entity, the two signatures differ, but both signatures can be verified with the same public key, that is, the public key of the entity that signed the messages.
Digital certificates: Provide protection against impersonation, because a digital certificate binds a public key to its owner, whether that owner is an individual, a queue manager, or some other entity. Digital certificates are also known as public key certificates, because they give you assurances about the ownership of a public key when you use an asymmetric key scheme.
115. What is a Secure Sockets Layer (SSL), where it is used?
The Secure Sockets Layer (SSL) provides an industry standard protocol for transmitting data in a secure manner over an insecure network. The SSL protocol is widely deployed in both Internet and Intranet applications. SSL defines methods for authentication, data encryption, and message integrity for a reliable transport protocol, usually TCP/IP.
116. What are Cipher Suites and Cipher Specs in SSL?
Cipher Suite: Is a suite of cryptographic algorithms used by an SSL connection. A suite comprises three distinct algorithms. The key exchange and authentication algorithm, used during the SSL handshake. The encryption algorithm, used to encipher the data.The MAC (Message Authentication Code) algorithm, used to generate the message digest.
Cipher Spec: Identifies the combination of the encryption algorithm and MAC algorithm. Both ends of an SSL connection must agree the same CipherSpec to be able to communicate.
117. What are the steps to be followed in working with SSL on an UNIX environment?
1.Setting up a key repository 2.Working with a key repository
3.Obtaining personal certificates 4.Managing digital certificates
5.Configuring for cryptographic hardware 6.Mapping DNs to user IDs
7.Adding personal certificates to a key repository
118. What are Websphere MQ installation naming consideration?
Ensure that the machine name does not contain any spaces. If you insatall in such a machine you cannot create and Queue managers. Names for userId and group must no longer that 20 characters
119. What is CCSID?
This defines the character set of character data in the message. If you want to set this character set to that of the queue manager, you can set this field to the constant MQCCSI_Q_MGR or MQCCSI_INHERIT. When you get a message from a queue, compare the value of the CodedCharSetId field with the value that your application is expecting. If the two values differ, you might need to convert any character data in the message or use a data-conversion message exit if one is available
Channel: Communication Paths between Queue Managers.
Tell Some Default objects: (43 objects)
Queues: SYSTEM.DEFAULT.LOCAL QUEUE SYSTEM.DEFAULT.MODEL.QUEUE
SYSTEM.DEFAULT.REMOTE.QUEUE SYSTEM.DEFAULT.ALIAS.QUEUE
SYSTEM.DEFAULT.INITIATION.QUEUE SYSTEM.DEAD.LETTER.QUEUE
Channel Queues: SYSTEM.CHANNEL.INITQ SYSTEM.CHANNEL.SYNCQ
Admin Queues: SYSTEM.ADMIN.ACCOUNTING.QUEUE
SYSTEM.ADMIN.ACTIVITY.QUEUE
SYSTEM.ADMIN.COMMAND.QUEUE
SYSTEM.ADMIN.STATISTICS.QUEUE
SYSTEM.ADMIN.TRACE.ROUTE.QUEUE
Channels: SYSTEM.AUTO.RECEIVER SYSTEM.AUTO.SVRCONN
SYSTEM.DEF.CLUSRCVR SYSTEM.DEF.CLUSSDR
SYSTEM.DEF.RECEIVER SYSTEM.DEF.REQUESTER
SYSTEM.DEF.SENDER SYSTEM.DEF.SERVER
SYSTEM.DEF.SVRCONN
Listeners: SYSTEM.DEFAULT.LISTENER.TCP
SYSTEM.DEFAULT.LISTENER.SPX
SYSTEM.DEFAULT.LISTENER.NETBIOS
SYSTEM.DEFAULT.LISTENER.LU62
Process Def: SYSTEM.DEFAULT.PROCESS
Services: SYSTEM.DEFAULT.SERVICE SYSTEM.BROKER
Name Lists: SYSTEM.DEFAULT.NAMELIS
Event Queues:SYSTEM.ADMIN.CHANNEL.EVENT
SYSTEM.ADMIN.LOGGER.EVENT
SYSTEM.ADMIN.PERFM.EVENT
SYSTEM.ADMIN.QMGR.EVENT
120. What are advantages of creating Aliases? Why do we create Alias?
When sending messages: Re mapping the queue-manager name when sending messages, Altering or specifying the transmission queue when sending messages, Determining the destination when receiving messages, Using a queue manager as a gateway into the cluster. Gives different application different levels of access authority to the target Queue Allows different applications to work with the same queue in different way Simplifies maintenance, migration and workload balance
121. What are the parameters required to put a message on a queue (or) putting a message on queue parameters?
Requires a Connection handler (Hconn), a Queue handler (Hobj), a description of the message that you want to put on the queue (MQMD), Controlinformation, message length, the message data itself
122. Getting messages for a queue?
You can remove a message from the queue so that other programs can no longer see the message, you can copy a message, leaving the originalmessage on the queue. This is known as browsing. You can remove themessage once you have browsed it. In both cases, you use the MQGET call, but first your application must be connected to the queue manager, and you must use the MQOPEN call to open the queue
123. What happens when a message is put in a PUT-INHIBITED Queue?
The messages are put in the dead letter queue. If a channel is unable to put a message to the target queue because that queue is full or put inhibited,the channel can retry the operation a number of times (specified in themessage-retry count attribute) at a given time interval (specified in themessage-retry interval attribute). Alternatively, you can write your ownmessage-retry exit that determines which circumstances cause a retry, and the number of attempts made. The channel goes to PAUSED state while waiting for the message-retry interval to finish
124. What is syncpoints?
Syncpoint coordination is the process by which units of work are either committed or backed out with data integrity. The decision to commit or back out the changes is taken, in the simplest case, at the end of a transaction. However, it can be more useful for an application to synchronize data changes at other logical points within a transaction.
These logical points are called syncpoints (or synchronization points) and the period of processing a set of updates between two syncpoints is called a unit of work
125. In-doubt Channels? How will you resolve this ?
An in-doubt channel is a channel that is indoubt with the remote channel about which messages has been sent and received
Solution: We can do Commit or Rollback the messages which are in doubt.
Scenarios:
Queue open failed?
*Reason: On an MQCONN or MQCONNX call, the value specified for the QMgrName parameter is not valid or not known
*Resolution: we must correct the configuration information
Queue not found?
*Reason Code 2085 MQRC_UNKNOWN_OBJECT_NAME
*Resolution: check for the Queue name in the QManager if not found define it.
Messages sent to DLQ?
*Reason code: 2218 Message too big for Channel
*Investigation: Examine the contents of the dead-letter queue. Eachmessage is contained in a structure that describes why the message was put to the queue, and to where it was originally addressed. Also look at previouserror messages to see if the attempt to put messages to a dead-letter queue failed.
*Resolution: change the channel size as required, if the channel is a cluster channel then do a REFRESH cluster so that it will reflect to the other QM’s, then reprocess the message
Message piling(FULL) up in a Queue?
*Investigation: Check for the log files (/var/mqm/qmgrs/<qmgrname>/errors/*.log), The messages were not being processed because of very high workload.
*Resolution: SSL
*Authentication failure:
The SSL client does not have a certificate
A certificate has expired or is not yet active
A certificate is not supported
A certificate is corrupted
May be ssl version upgradation
Channel refuses to run or channel retry?
*Reason: A mismatch of name between a sending and receiving channels, Incorrect channel type specified, A receiver channel might be in stopped state, the connection might not be defined Correctly, there might be a problem with communication software.
*Resolution: Alter the Queue and REFRESH the cluster to reflect the change in the information stored in the partial repository
126. Explain Handling messages more than 4 MB?
Increase the Queue and Queue manager MaxMsgLength attributes, Use segmented messages (Messages can be segmented by either the application or the Queue manager), use reference message.
127. What is DQM: DISTRIBUTED QUEUEING MANAGEMENT
Setuping & Controlling of Message Channel in Message Queuing for Q Managers on Distributed Systems.
128. What is the SSL Version used in WMQ5.3?
Version 3.0
129. NPMSPEED FAST. What happens if the channel goes down?
Nonpersistent message speed (NPMSPEED) It is used to specify the speed at which nonpersistent messages are to be sent. It can take on two values either ‘normal’ or ‘fast’. The default is ‘fast’, which means that nonpersistent messages on a channel are not transferred within transactions. Non persistent messages are lost if there is a transmission failure or if the channelstops when the messages are in transit.
130. What is SSL?
Secure Sockets Layer (SSL) is a protocol designed to allow the transmission of secure data over an insecure network. SSL makes use of digital certificates to enable authentication of the partner. It also uses encryption to prevent eavesdropping and hash functions to enable detection of tampering. It can be used with both MCA channels for queue manager to queue manager communication and MQI channels for client applicationsconnecting to a queue manager
131. What are the algorithms in SSL?
A CipherSuite is a suite of cryptographic algorithms used by an SSL connection. A suite comprises three distinct algorithms:
The key exchange and authentication algorithm, used during the SSL handshake
The encryption algorithm, used to encipher the data
The MAC (Message Authentication Code) algorithm, used to generate the message digest
132. What is Triggering?
Ans: Web Sphere MQ enables you to start an application automatically when certain conditions on a queue are met. For example, you might want to start an application when the number of messages on a queue reaches a specified number. This facility is called triggering
133. How many ways of Triggering?
EVERY: A trigger event occurs every time that a message arrives on the application queue. Use this type of trigger if you want a serving program to process only one message, then end.
FIRST: A trigger event occurs only when the number of messages on the application queue changes from zero to one. Use this type of trigger if you want a serving program to start when the first message arrives on a queue, continue until there are no more messages to process, then end.
DEPTH: A trigger event occurs only when the number of messages on the application queue reaches the value of the TriggerDepth attribute.
134. What are the Trigger types available Explain?
a.Application triggeringb.Channel Triggering
a) In the case of application triggering the components are Application queue: This is the message queue associated with an application Process: A process definition defines the application to be used to process messages from the application queue. Initiation queue: The queue manager moitors the application queue. If the trigger type of the application queue is set to Every then whenever a message is put to the application queue, the q manager looks into the process definition and puts a message having the application name and other details to the initiation queue Trigger monitor: The trigger monitor gets the trigger message from the initiation queue and starts the program specified.
b) For channel triggering the transmission queue is monitored and when messages are put in the transmission queue, the q manager puts a message in the channel initiation queue. The channel initiator is the program which monitors the initiation queue and starts the sender MCA. For the message to reach the target queue, the channel listener has to be running in the target queue manager
Channel Triggering Conditions:
· Trigger ON
· Trigger type(first every depth)
· Trigger data(channel name which is to be fired)
· Initiation queue(SYSTEM.CHANNEL.INITQ)
Channel Triggering Background process:
1. The local queue manager places a message from an application or from a message channel agent (MCA) on the transmission queue.
2. When the triggering conditions are fulfilled, the local queue manager places a trigger message on the initiation queue.
3. The long-running channel initiator program monitors the initiation queue, and retrieves messages as they appear.
4. The channel initiator processes the trigger messages according to information contained in them. This information may include the channel name, in which case the corresponding MCA is started.
5. The channel listener running in the target q mgr starts the receiving MCA
Application Triggering Conditions:
- Trigger ON
- Trigger type (first every depth)
- Initiation queue (SYSTEM.DEFAULT.INITIATION.QUEUE our own defined local queue)
- Process (NOTEPAD)
DEFINE QLOCAL (LQ) TRIGGER TRIGTYPE (EVERY) INITQ (IQ) PROCESS (NOTEPAD).
DEFINE PROCESS (NOTEPAD) APPLICID (NOTEPAD.EXE) APPLTYPE (WINDOWS)
Runmqtrm –m QM1 –q IQ
BACKGROUND PROCESS:-
1. When ever the message comes to triggered local queue, queue manager will fire trigger message with information called trigger type and the process definition (application which is to be triggered) in to the initiation queue (IQ) (our own queue).
2. At the initiation queue a long running time program called trigger monitor will be watching (monitoring) the initiation queue.
3. Whenever the trigger message occurs in the initiation the trigger monitor will pick the information and starts the application which is defined in the process.
135. What is a Trigger monitor?
A trigger monitor is a continuously – running program that serves one or more initiation queues. When a trigger message arrives on an initiation queue, the trigger monitor retrieves the message. The trigger monitor uses the information in the trigger message. It issues a command to start the corresponding application/channel
136. What is the command used for the running trigger monitor?
Ans: On Server side: runmqtrm -m QMName -q Initiation QueueName
On Client side: runmqtmc -m QMName -q Initiation QueueName
137. What is LISTENER:-
- It is a service of MQ series
- Every Queue Manager will have a listener defined with a unique port number.
- (Default port number is:-1414)
- Listener acts as a mediator between external application or queue managers connecting to the queue manager.
- To contact the queue manager we should approach through Listener.
138. Is it possible to retrieve a message from a Dead letter Queue? If possible how?
- YES, U have to run the RULESTABLE file to retrieve the messages on the dead letter queue. This proces can be handled by DEAD LETTER HANDLER.
- we have two commands to retrieve messages from DLQ. Action(fwd) fwdq fwdqm. then that DLQ message forward to this particular q.ACTION(RETRY)
- rules table containg below code: RUNMQDLQ
INPUTQ(DEAD.LETTER.QUEUE) INPUTQM(QMGR NAME)
REASON(2087) ACTION(FWD) FWDQ(QUEUENAME) FWDQM(QMGR NAME)
- If the dead letter queue name is system.dead.letter.queue,By using the below command we can retrive the message from the dead letter queue.
amqsget system.dead.letter.queue queuemanger
- General Command to replay messages in the dead queue is
runmqdlq Qname QMname
139. What the differentCHANNEL STATES which ensures the stage to stage operation of a MQ Channel?
Channel states are of 5 types
- Running
- Inactive
- Retrying
- Stopped
- Paused(receiver channel)
1. RUNNING: – before going to Running state the status will be initialization and binding
Initialization:-channel will initiate the listener
Binding:-sender channel binds with receiver, after that it
Goes to running state
2.INACTIVE:-we have one attribute called disconnect interval (DISCINT) with 6000 milli seconds (default) and it can be changed as of our convenience. If the channel is idle for a particular period defined in disconnect interval, the channel will go to inactive state.
3. RETRYING:-the channel goes to retrying state if the other side queue manager will not be available, network issue, may be listener not running, may be receiver channel is in pause state, and may be the receiver channel transportation type is different…. Etc.
4.PAUSED STATE:- this state is applicable for receiver (RCVR) channel. Paused state occurs when the receiving queue is full.
Note:-
1. If we do any changes to the channels, listeners, queue manager, to effect the changes we need to stop and then start them.
2. Before starting a channel listener should be in active / running, we can check by pinging the channel.
3. Ping is used to check whether the receiver is in active state or not.
Syntax: – PING CHANNEL (CHANNEL NAME)
140. List some of MQ Listener operations:
To Create New Listener:
def listener(LISTENER_NAME) trptype(tcp) port(PORT_NUMBER)
To Start Listener:
Start listener (LISTENER_NAME)
To Stop Listener:
stop listener (LISTENER_NAME)
To display Listener status:
display lsstatus (LISTENER_NAME)
Comments