Profiles for checking connections from CICS take the form:
qmgr-name.CICS
where qmgr-name is the queue manager name. If it fails to find the profile, the connection request fails.
For connection requests by CICS, you need only permit the CICS address space user ID access to the connection profile.
For example, the following Security definitions allow the CICS address space user ID SYSAD to connect to the queue manager QM_nwb_magd820
##################################### # MQCONN QM_nwb_magd820.CICS auths # ##################################### dn: CN=QM_nwb_magd820.CICS,CN=MQCONN,CN=Enterprise Server Resources,CN=Micro Focus,DC=local changetype: delete dn: CN=QM_nwb_magd820.CICS,CN=MQCONN,CN=Enterprise Server Resources,CN=Micro Focus,DC=local changetype: add objectClass: microfocus-MFDS-Resource microfocus-MFDS-Resource-Class: MQCONN microfocus-MFDS-Resource-ACE: allow:SYSAD:read microfocus-MFDS-Resource-ACE: deny:*:execute microfocus-MFDS-UID: mfuid description: Enable security on MQCONN subsystem CICS for QMGR QM_nwb_magd820