"Can I write a script to create a queue in MSMQ and set the permissions on it?"

The first part is easy enough but the second is tricky.

For example, here's how to create a public queue with 'Old School' VBScript:

set iq=CreateObject("MSMQ.MSMQQueueInfo")


iq.Label=”The queue”

iq.Create (IsTransactional=0)


There's no way to add permissions to this queue at the same time as the COM/scripting API doesn't have that functionality.

System.Messaging (.Net) and the native C/C++ API expose functions for queue security, such as MQSetQueueSecurity(), but they can't be using in VBScript.

The way forward may be PowerShell as that uses the .Net Framework.

I'll add writing such a script to my ever-growing 'cool things to do' list...

Comments (2)

  1. Reinhard says:


    here’s a quick example if you still need it:


    $User = $Args[2]

    $queuename = "." + $Args[1]

    if ($Args[3] -ieq "Y")


    $queuename = ".private$" + $Args[1]


    if ($Args[0] -ieq "-c")


    if ($Args[4] -ieq "T")


    $transactional = 1

    $queuename += "_T"




    $transactional = 0

    $queuename += "_nonT"


    $qb = [System.Messaging.MessageQueue]::Create($queuename, $transactional)

    $qb.label = $queuename

    if ($User -ieq "admin")


    $qb.SetPermissions($User, [System.Messaging.MessageQueueAccessRights]::FullControl, [System.Messaging.AccessControlEntryType]::Allow)




    Write-Host "Restricted Control for user: " + $User

    Write-Host ""

    $qb.SetPermissions($User, [System.Messaging.MessageQueueAccessRights]::DeleteMessage, [System.Messaging.AccessControlEntryType]::Set)

    $qb.SetPermissions($User, [System.Messaging.MessageQueueAccessRights]::GenericWrite, [System.Messaging.AccessControlEntryType]::Allow)

    $qb.SetPermissions($User, [System.Messaging.MessageQueueAccessRights]::PeekMessage, [System.Messaging.AccessControlEntryType]::Allow)

    $qb.SetPermissions($User, [System.Messaging.MessageQueueAccessRights]::ReceiveJournalMessage, [System.Messaging.AccessControlEntryType]::Allow)



    elseif ($Args[0] -ieq "-d")


    Write-Host "Delete Queue: " + $queuename



  2. MSDN Archive says:

    Hi Reinhard,

    Thanks very much for sharing.


    John Breakwell (MSFT)

Skip to main content