Welcome to Microsoft® Message Queue (MSMQ) Server version 1.0 for the Windows NT 4.0 Option Pack. This document provides late-breaking or other information that supplements the MSMQ online documentation.
The following sections are included in this document:
Latest MSMQ Information
Additional Documentation
Known Problems
Copyright Information
Note This version of MSMQ differs from the stand-alone version for Windows NT Server/E (Enterprise Edition). This document, as well as the online MSMQ Administrator's Guide, has been authored for the Windows NT/E version of MSMQ. You should read "MSMQ Differences for the Windows NT Option Pack", which describes the differences between the two versions of MSMQ.
Up-to-date information about MSMQ can be found on the Microsoft MSMQ Web site at http://www.microsoft.com/msmq.
This section contains installation and configuration documentation not found in the online MSMQ Administrator's Guide.
MSMQ is compatible with Internet Explorer versions 3.0, 3.01, and 3.02.
DCOM95 must be installed on any computers running Windows 95 for MSMQ to run properly.
Any computers running Windows 95 must have the network access control set to User Level Access Control. You can verify this in Control Panel with Network, on the Access Control tab.
To configure an MSMQ dependent client installed on a computer running Windows 95, you must:
To configure an MSMQ dependent client installed on a computer running Windows NT Workstation or Windows NT Server, you must configure MS DTC. These issues are covered in "Installing MSMQ," in the MSMQ Administrator's Guide.
The following warning message can appear when you install an MSMQ server or independent client:
"No Server Authentication. Setup cannot initiate a secured communications channel with the MSMQ information server. Either the server or the computer on which you are installing MSMQ is not configured for secure communication, or there is an unauthorized server on your MSMQ network. As a result, all further communications with this server and other servers will not be secure until the servers and the computer on which you are installing MSMQ are properly configured."
For more information, contact your MSMQ administrator or see "Securing Communication Between Controller Servers".
This warning might appear if you install MSMQ from the Windows NT Option Pack CD. By default, this warning does not appear if you install MSMQ from an installation share.
You can control how Setup deals with this warning using the ServerAuthenticationOnly entry in the Msmqinst.ini file. If ServerAuthenticationOnly is set to True (ServerAuthenticationOnly=true), unattended Setup will exit if it cannot initiate a secured communications channel with the MQIS server, and attended Setup will show the above warning.
If ServerAuthenticationOnly is set to False (ServerAuthenticationOnly=false), Setup will continue even if it cannot initiate a secured communications channel with the MQIS server. If Setup cannot find the ServerAuthenticationOnly entry in the Msmqinst.ini file, Setup functions as if ServerAuthenticationOnly is set to False.
Note ServerAuthenticationOnly is set to True in the Msmqinst.ini file for MSMQ on the Windows NT Option Pack CD. When Setup creates an installation share, ServerAuthenticationOnly is set to False in the Msmqinst.ini file that is on that share. You can manually change this value after the share is created.
For more information on configuring servers for secure communication either before or after installing MSMQ, see "Securing Controller Server Communications" in "Managing Your MSMQ Enterprise," of the MSMQ Administrator's Guide. For general information on securing controller server communication, see "Securing Communication with Controller Servers" in "Securing Your MSMQ Enterprise."
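As an added example (not part of the original release notes and not Microsoft code), the following Python applies the ServerAuthenticationOnly rules above to the text of an Msmqinst.ini file, so that an installation share can be checked before clients are installed from it. The section name and sample file contents are constructed, and first-occurrence matching is an assumption.

```python
# Added example: models the ServerAuthenticationOnly rules described above.
# The section name in Msmqinst.ini is not given on the page, so the key is
# matched in any section; the samples below are constructed.

KEY = "serverauthenticationonly"

def server_auth_setting(ini_text):
    """Return (value, explicit) for ServerAuthenticationOnly.

    value    -- the setting Setup acts on (a missing entry behaves as False)
    explicit -- True only if the file actually contains the entry
    """
    for raw in ini_text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";[":
            continue                      # blank line, comment or section header
        name, sep, val = line.partition("=")
        if sep and name.strip().lower() == KEY:
            # Assumption: the first occurrence wins and only "true" enables it.
            return val.strip().lower() == "true", True
    return False, False

def setup_outcome(ini_text, unattended, secure_channel_ok):
    """Predict what Setup does for this file and installation mode."""
    enforce, _ = server_auth_setting(ini_text)
    if secure_channel_ok:
        return "continue"
    if not enforce:
        return "continue-unsecured"       # no warning, channel to MQIS not secured
    return "exit" if unattended else "warn"

def audit(ini_text):
    """Flag files that let Setup proceed silently over an unsecured channel."""
    value, explicit = server_auth_setting(ini_text)
    if value:
        return "ok: Setup enforces server authentication"
    why = "set to false" if explicit else "entry missing (treated as false)"
    return "review: ServerAuthenticationOnly " + why

# Constructed samples: CD default, installation-share default, entry removed.
CD_INI = "[Constructed]\nServerAuthenticationOnly=true\n"
SHARE_INI = "[Constructed]\n; written by Setup\nserverauthenticationonly = False\n"
NO_ENTRY_INI = "[Constructed]\nOtherSetting=1\n"

if __name__ == "__main__":
    for label, text in (("CD", CD_INI), ("share", SHARE_INI), ("none", NO_ENTRY_INI)):
        print(label, audit(text), setup_outcome(text, True, False))
```

A "review" result on an installation share means clients installed from it will not be warned when the MQIS server cannot be authenticated.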
"Determining the Size of the Information Store" in "Deploying MSMQ," of the MSMQ Administrator's Guide describes the default MQIS database size as 50 MB, with an 8 MB log file. This is incorrect. The default MQIS database size is 80 MB, with a 20 MB log file.
To install an MSMQ independent client on a computer running Windows 95, you must configure it for MS DTC. Because MS DTC server does not run on Windows 95, another Windows NT-based MS DTC server is needed to support transactions on Windows 95. MSMQ setup installs MS DTC proxy on the computer running Windows 95. This enables that computer to connect to a Windows NT-based MS DTC server.
To configure MS DTC
Make sure all your MQIS server administrators can be trusted to appropriately access information on all MQIS servers. With administrative access to just one MQIS server, an administrator can potentially obtain full access to any object in the MSMQ enterprise. This can be done, for example, by taking ownership of the object and then changing its access permissions.
MSMQ counts Windows NT Server client access licenses (CALs). If no CALs are available, MSMQ-based applications fail to send messages, to open queues on remote computers, or to open a queue from a client. MSMQ enforces the following rules for counting CALs:
For more information on CALs and changing CALs, see Chapter 12, "Licensing and License Manager," in Windows NT Server 4.0 Concepts and Planning.
MSMQ requires the use of Microsoft SQL Server 6.5 Service Pack 1 or Service Pack 3. MSMQ is not compatible with Microsoft SQL Server 6.5 Service Pack 2. The Windows NT Option Pack CD contains an \MSMQ\SQL.SP3 folder. This folder contains SQL Service Pack 3, which you should install on existing SQL Server installations that use Service Pack 2.
The MSMQ Administrator's Guide contains the following passage (in "Securing Your MSMQ Enterprise," under "Securing Communication with Controller Servers").
"Communication between MSMQ controller servers is inherently secure because all the messages are signed and verified, based on information found in the MQIS database."
Although this is true, it does not explain that by default the initial communications are not secure between the MQIS server you are installing and its "parent" MQIS server (the PEC in case of a PSC; the PSC in case of a BSC). This initial communication (done through RPC) is not secure unless you configure the server for secure communication before installing MSMQ. For example, you can unknowingly install the MQIS server from an unauthorized MQIS server. However, once you install an MQIS server from an authentic server, all further communications with other MQIS servers are secure.
Configuring MQIS servers for secure communication (even though communication between MSMQ controller servers is inherently secure) can simplify the renewal of cryptographic keys. For example, if you renew the cryptographic keys of an MQIS server that has been configured for secure communication, the child server can automatically obtain the new public keys. However, if the parent MQIS server is not configured for secure communication, you must manually make changes to allow MQIS replication to resume between the two servers.
To prevent the installation of MQIS servers from other unauthorized MQIS servers, configure the servers for secure communication before installing MSMQ on them. For more information on configuring servers for secure communication either before or after installing MSMQ, see "Securing Controller Server Communications" in "Managing Your MSMQ Enterprise," of the MSMQ Administrator's Guide. For general information on securing controller server communication, see "Securing Communication with Controller Servers" in "Securing Your MSMQ Enterprise."
All MSMQ computers except dependent clients use cryptographic keys. These cryptographic keys are used for various security operations in MSMQ. Users can renew the cryptographic keys using MS Message Queue in Control Panel. For independent clients and MSMQ routing servers, the only implication of renewing the cryptographic keys is that private (encrypted) messages that were encrypted with the previous keys and then sent to the computer are rejected. This continues until the new public keys are propagated to all MQIS servers and the sending computers start using the new public key.
If you renew the cryptographic keys of an MQIS server, all its "child" MQIS servers reject any MQIS replication messages sent from the parent server if the child server is not configured for secure communication. For example, if you renew the cryptographic keys on a PEC, the PSCs reject any MQIS replication messages sent from the PEC. Or, if you renew the cryptographic keys on a PSC, all its BSCs reject any MQIS replication messages sent from the PSC. This problem occurs only if the child MQIS server is not configured for secure communication.
If you renew the cryptographic keys of an MQIS server and if its child MQIS servers are not configured for secure communication, use the following procedure to correct the problem:
mqsrvkey newkey.key
where newkey.key is the output file name you want to use. The mqsrvkey command line utility is installed in the MSMQ folder by default (typically C:\Program Files\MSMQ).
If you want your MSMQ dependent clients to use secure communication with MQIS servers, you must override the default setting, which does not use secure communication between these computers.
To configure dependent clients to use secure communication with MQIS servers
The MSMQ Security feature guarantees full security of messages from the sending application to the destination queue. To guarantee full security, the receiving application and the queue must reside on the same computer (local read). In the case of a remote read (such as reading a message from computer A when the queue is on computer B), only authorized users are able to open a queue for read. That is, the user must have the right access permissions for the queue. However, the message is not encrypted or authenticated when read by the receiving application over the network.
To ensure integrity checking for each message sent to a remote reader, use Services in Control Panel to configure the Microsoft Message Queue Service of the reading computer to run under a domain user account (not the local system account).
Each MQIS server (the PEC, all PSCs, and all BSCs) must have at least one network adapter. The network adapter is required even if the server is a laptop computer or connects to the network only by modem through RAS.
Before installing an MSMQ dependent client on a computer running Windows 95, you must grant the appropriate permission on the supporting server only if the dependent client will use transactions.
To grant permissions for a computer running Windows 95
If an MSMQ independent client is installed from an installation share on a BSC, and the MQIS replication period is set to more than one minute, Setup displays a message stating that it failed to install the cryptographic keys on the workstation. You can ignore the failure message, and Setup will continue correctly. This message can appear even if the cryptographic keys were installed correctly. Setup displays the message because it attempts and fails to read the cryptographic keys from the MQIS, to verify that the keys were not tampered with.
If replication is set to a period longer than one minute, it is recommended that you install MSMQ independent clients from an installation share on a PEC or PSC, if possible. Again, the error message regarding the cryptographic keys should not appear. If you do see the message, you can ignore it, but it might also indicate that someone tampered with your public keys.
The MSMQ Administrator's Guide states that "both the supporting server and the site controller server (PSC or PEC) must be online when you install an MSMQ dependent client." However, if the supporting server is not online, or if it has not yet been installed, you can still install the client.
The MSMQ dependent client Setup attempts to communicate with the specified supporting server. If the server does not respond, Setup displays a message telling you that the server is not reachable. You can either specify another server or you can click Cancel. If you click Cancel, Setup completes successfully, using the server name you entered. This feature enables you to install dependent clients before you install the supporting server. However, you cannot configure the MS DTC service on computers running Windows 95 when the supporting server is offline.
For more information on configuring computers running Windows 95 to use the MS DTC service, see "MSMQ Dependent Client Configuration Procedure" in "Installing MSMQ," of the MSMQ Administrator's Guide.
Using MS Message Queue in Control Panel, each user can delete only her own certificates. However, Administrators can use the MSMQ Explorer Tools menu to delete other users' certificates. To delete certificates of other users, the administrator must have set Properties permission for the MSMQ enterprise.
MSMQ Explorer Help incorrectly states that you can search for computers using the following options: All Types, MSMQ routing servers, Backup site controllers, and Primary site controllers. The valid options are: All Types, MSMQ Servers, Site Controllers, and Primary Site Controllers.
All Types returns all MSMQ computers. MSMQ Servers returns all MSMQ Servers. Site Controllers returns all BSCs, PSCs, and the PEC. Primary Site Controllers returns all PSCs and the PEC.
MSMQ cannot be installed over any beta releases of MSMQ. If you are currently using a beta release of MSMQ, please uninstall it before installing MSMQ version 1.0.
Do not use any multihomed MSMQ independent client with two network cards on two different IP CNs if there is an MSMQ server with two network cards on the same two IP CNs in the same site. Otherwise, the MSMQ independent client may fail to send or receive messages.
The Windows NT 4.0 Service Pack 3 includes an enhanced version of the Microsoft remote procedure call (RPC) facility, which includes a new asynchronous model and the support for running RPC over MSMQ.
Support for the new asynchronous RPC and MSMQ Transport for RPC is not available at this time.
Visual Basic (VB) scripts under ActiveX Server pages run under the security of the account running the IIS service (w3svc). If that account is a local account, MSMQ messages sent by VB scripts in ActiveX Server pages on that machine are sent with no Security Identifier (SID). Therefore, the message successfully arrives at its target only if the target queue does not restrict incoming messages.
Note that this programming consideration applies to any service or process running under a local account. Local accounts do not have valid credentials on other machines and therefore can access MSMQ queues only if the access requested is granted to all accounts.
RAS IP addresses of MSMQ Servers (PEC, PSC, BSC, and Routing Servers) must not be published in MQIS. Only LAN addresses should be published in MQIS.
After you set up MSMQ servers that use RAS, it is recommended that you use MSMQ Explorer to verify that no RAS IP addresses are listed in the MQIS.
Define an additional static (non-DHCP) IP address on your LAN in the same IP subnet as the RAS address. This applies only if you do not have an IP LAN address in the same CN as your RAS IP address.
To define an additional static IP address in the same IP subnet
MSMQ Explorer can display only 20,000 messages in a queue. If there are more than 20,000 messages in a queue, MSMQ displays the following message below the last message displayed:
Additional messages cannot be displayed
MSMQ Setup stops and restarts the SQL Server service and DTC service if they are installed and running. Any applications or services that depend on these services are also stopped, but they are not restarted by MSMQ Setup. To work around this, either restart the services in Services in Control Panel, or restart your computer.
If you install an MQIS server (PEC, PSC, or BSC), remove it, install an MSMQ routing server, and then remove SQL Server, the MSMQ routing server will be unable to process coordinated transactions. This problem occurs because SQL Server Setup, when used to remove SQL Server, also removes MS DTC.
To avoid this situation, remove SQL Server before installing the MSMQ routing server.
This section documents problems known at the time of release with the MSMQ code and documentation.
The "MSMQ Dependent Clients" section in "Understanding MSMQ" of the MSMQ Administrator's Guide states:
"MSMQ servers can support up to 15 dependent clients."
This is incorrect. The number of dependent clients that an MSMQ server can support is based on the number of CALs available on the server. For more information on MSMQ and Windows NT CALs, see "MSMQ and Windows NT CALs" earlier in this document.
"Managing Your MSMQ Enterprise," in the MSMQ Administrator's Guide describes the renaming of MSMQ dependent clients, independent clients, and MSMQ routing servers. This is not supported.
Note To rename a computer that is running MSMQ, you must uninstall MSMQ, rename the computer, and install MSMQ again. This procedure deletes all the queues that are on this computer. You must recreate the queues after you reinstall MSMQ.
"Securing MSMQ," of the MSMQ Administrator's Guide documents the Create Route Server special access permission. This is not the correct name for the permission. The special access permission is Create Routing Server. This error appears in table 5.2, table 5.6, and in "Auditing a Site" in that section.
"Managing Your MSMQ Enterprise" of the MSMQ Administrator's Guide contains the following text in "Creating a Custom Managing Application":
"The ActiveX controls provided by MSMQ can be used to:
- Create sites, CNs, and computers
- Change CNs, InRSs, and OutRSs for computers
- Change site gate settings for the PEC and PSCs
- View enterprise settings"
This functionality is not available in MSMQ version 1.0.
MSMQ independent clients on computers running Windows 95 cannot read or send messages to or from queues if the messages are larger than 400K. MSMQ dependent clients do not have this limitation.
To work around this limitation, obtain an updated version of DCOM95 (scheduled to be available in 1997). For information on availability, check http://www.microsoft.com.
If you log off and then log on again (on a computer running Windows 95 and the MSMQ independent client software) without shutting down or rebooting the computer, other computers running MSMQ cannot read messages from queues on your computer.
To work around this problem, obtain an updated version of DCOM95 (scheduled to be available in 1997). For information on availability, check http://www.microsoft.com.
© 1997 Microsoft Corporation
These materials are provided “as-is,” for informational purposes only.
Neither Microsoft nor its suppliers makes any warranty, express or implied with respect to the content of these materials or the accuracy of any information contained herein, including, without limitation, the implied warranties of merchantability or fitness for a particular purpose. Because some states/jurisdictions do not allow exclusions of implied warranties, the above limitation may not apply to you.
Neither Microsoft nor its suppliers shall have any liability for any damages whatsoever including consequential, incidental, direct, indirect, special, and lost profits. Because some states/jurisdictions do not allow exclusions of implied warranties, the above limitation may not apply to you. In any event, Microsoft’s and its suppliers’ entire liability in any manner arising out of these materials, whether by tort, contract, or otherwise shall not exceed the suggested retail price of these materials.