MSMQSETQSEC

Sets the access control information for a specified queue.

Syntax

Example

Syntax

CALL MSMQSETQSEC(qid, rc ,owner, dacl>);

Required Arguments

qid: Numeric, input

Specifies the queue identifier that represents the format name of the queue.

rc: Numeric, output

Provides the return code from the CALL routine. If an error occurs, then the return code is nonzero. A return code of -1 reflects a SAS internal error. Otherwise, it represents an MSMQ error code. You can use the SAS function SYSMSG() to obtain a textual description of the return code.

owner: Character, input (Optional)

Identifies the owner of the queue. This parameter must be specified as Domain\Account.

dacl

Character, input (Optional)

Specifies the discretionary access control list for the queue. This parameter must be specified in the form of

Domain\Account:accessType:Permissions,...

where accessType is one of the following:

ALLOW: Permissions allowed

DENY (See the following note.): Permissions denied

Note: Windows NT 4.0 supports DENY access control entries but cannot edit security information that uses them. Therefore, this access type is not recommended until Windows NT 5.0 or later.

permissions is one or more of the following, separated by '+':

Rj (Receive Journal)
Rq (Receive Message)
Pq (Peek Message)
Sq (Send Message)
Sp (Set Properties)
Gp (Get Properties)
D (Delete Queue)
Pg (Get Permissions)
Ps (Set Permissions)
O (Take Ownership)

Example: Example

This example sets the queue security properties to allow NTDOMAIN\User6 to Receive Messages (Rq), Get Properties (Gp), and Get Permissions (Pg).

length msg $ 200;
rc=0;
CALL MSMQSETQSEC(qid, rc, "", "NTDOMAIN\User6:ALLOW:Rq+Gp+Pg");
if rc ^= 0 then do;
   put 'MSMQSetQSec: failed';
   msg = sysmsg();
   put msg;
end;
else put 'MSMQSetQSec: succeeded';