Is the MSMQ messaging Active Directory Integration subcomponent required? (NETIQKB72415)

  • 7772415
  • 22-Jun-2010
  • 01-Jul-2010

Environment

Security 6x

MSMQ

Central computer

Log Archive Server

Situation

MSMQ Messaging is a prerequisite for both the Central computer and Log Archive server installs. However the MSMQ sub component Active Directory Integration for MSMQ is not required to install the Central computer or the Log Archive server.

Resolution

To uncheck the box that installs Active Directory Integration subcomponent

1. Go to add\remove programs

2. Add\remove windows components

3. Highlight Application server and click details

4. Highlight Message Queuing and click details

5. Uncheck "Active Directory Integration" and click OK

Cause

MSMQ messaging Active Directory Integration subcomponent


During a default installation, the Active Directory Integration subcomponent is installed, regardless of whether your computer is a member of a domain.  If you are installing Message Queuing on a computer that is a member of a Windows Server 2003 or Windows 2000 domain, you can specify whether the computer will operate in domain mode, by installing the Active Directory Integration subcomponent, or in workgroup mode, by not installing the subcomponent. 

In the context of Message Queuing, workgroup mode can be defined as any mode of operation that does not allow access to a directory service, even if the applicable computer belongs to a domain. The workgroup mode of operation requires direct connectivity to send messages.  If you are installing Message Queuing on a computer that belongs to a domain and you select the Active Directory Integration subcomponent (as in the default configuration), Setup will attempt to contact a Windows Server 2003 or Windows 2000 Server domain controller in the local site or a nearby site. If successful, the computer will operate in domain mode, meaning that access to Active Directory will be enabled and an msmq object will be created in Active Directory.

Note that a Windows Server 2003 or Windows 2000 Server domain controller can only be found automatically. If one of these domain controllers cannot be located, you will be prompted for the name of an MSMQ 1.0 PEC or PSC (in a Windows NT 4.0 enterprise) in the local site. If you do not supply such a name, and select Next, Message Queuing will be installed in workgroup mode. In such a situation, where your computer belongs to a domain and has the Active Directory Integration subcomponent installed, but is temporarily unable to access a domain controller, the computer will work in workgroup mode. However, the next time you restart such a computer, or stop and restart the Message Queuing service, Message Queuing will automatically attempt to contact a domain controller in the local domain. If a domain controller is available and contact is successful, the computer will then operate in domain mode.


If your computer does not belong to a domain, default installation of the Active Directory Integration subcomponent allows for the possibility that the computer might later join a domain.

Additional Information

Formerly known as NETIQKB72415