How to set permissions on MSMQ Cluster queues?

Go To StackoverFlow.com

1

I've got a cluster with functioning private MSMQ 3.0 queues. I'm trying to programmatically set the permissions, but can't seem to connect via System.Messaging on the queues. The code below works just fine when working with local queues (and using .\ nomenclature for the local queue). How to programmatically set the permissions on the clustered queues?

Powershell code executed from the active node

function set-msmqpermission ([string] $queuepath,[string] $account, [string] $accessright)
{
    if (!([System.Messaging.MessageQueue]::Exists($queuepath))){
    throw "$queuepath could not be found."
}
$q=New-Object System.Messaging.MessageQueue($queuepath)
$q.SetPermissions($account,[System.Messaging.MessageQueueAccessRights]::$accessright,            
  [System.Messaging.AccessControlEntryType]::Set)
}
set-msmqpermission "clusternetworkname\private$\qa1ack" "UserAccount" "FullControl"

Exception calling "SetPermissions" with "3" argument(s): "Invalid queue path name." At line:30 char:19 + $q.SetPermissions <<<< ($account,[System.Messaging.MessageQueueAccessRights]::$accessright,
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException + FullyQualifiedErrorId : DotNetMethodException

2012-04-05 01:14
by JorgeSandoval
$account is in the domain\username format - CB. 2012-04-05 08:23
Didn't think you could change anything on a remote private queue. Running the code on the active node doesn't mean you are running it in the context of the clustered resource. (http://blogs.msdn.com/b/johnbreakwell/archive/2008/02/18/clustering-msmq-applications-rule-1.aspx). Public queues are much better for remote management - John Breakwell 2012-04-05 12:34
I'd be happy to run it locally... I read your blog during my research on this. I'm working with a system where MSMQ will be eventually phased out in favor of message broker, but until then I'm stuck with the private queues. That said, I'm trying to automate deployment of about 60+ queues and their permissions. At this point there's been a lot more sunk time in investigate why the script doesn't work than if I had just changed it, but automation is the mantra of the day. So I soldier on.. - JorgeSandoval 2012-04-05 18:54
$account is in domain\username format (or if local just user name). This script as stated works fine on a local non-clustered MSMQ instance. Only when I need to connect to the clustered Queues that I get caught up - JorgeSandoval 2012-04-05 18:56


3

From: http://winterdom.com/2011/10/using-powershell-with-clustered-msmq

You have to set the cluster network name environment variable before using messageQueue.

$env:_CLUSTER_NETWORK_NAME_ = 'myclusterMSMQ'
[System.Messaging.MessageQueue]::Create('.\Private$\MyQueue')

Adding the cluster network name to top of script should solve the problem

Link to the full (simplistic - but works for simple creation and assignment of perms) script I provided as an answer to another question. https://stackoverflow.com/a/11268755/761599

2012-06-29 21:12
by JorgeSandoval
Ads