Skip to Main Content
IBM Z Hardware and Operating Systems Ideas Portal


This is the public portal for all IBM Z Hardware and Operating System related offerings. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

ADD A NEW IDEA

My ideas: RACF

Showing 11

RACDCERT ADD support of certificates exported with OpenSSL 3.x

Currently, RACF doesn't support the creation or the display of Certificates with multiple SANs. This is a major weakness. As gskkyman is not a valid replacement and the z/OS PKI can't be used, we create our certificates with OpenSSL. By default, O...
over 1 year ago in z/OS / RACF 5 Delivered

RACF: Logging of successful login

Standards (e.g. PCI-DSS 10.2.5) require that successful login to the system or application must be logged. Today the successful login logging depends on the resource manager, which handles the login. It should be possible to activate the successfu...
almost 6 years ago in z/OS / RACF 3 Delivered

Document the LOGSTRX bit flag in ICHRFXP DSECT

This bit is referred to as "BIT12" in the ICHRFXP DSECT. This bit indicates the format of the data found at the LOGSTR pointer. This bit is needed to know what format the provided data is in for exits that process RACROUTE REQUEST=FASTAUTH calls.
over 2 years ago in z/OS / RACF 2 Delivered

CSDATA: ACEE and CICS

We would like to be able to choose if we want to access or not RACF Custom Fields from CICS. Via a parameter, for example in the SIT we could be able to decide if, automatically the CF should be brought into storage and anchored from the ACEE. Thi...
almost 9 years ago in z/OS / RACF 6 Delivered

Ability to set Pass Phrase change interval greater than 254 days

There is a limit in RACF that sets the maximum value of password and pass phrase change interval at 254 days. We want to set a pass phrase interval greater than 254 days.
over 4 years ago in z/OS / RACF 1 Delivered

An option to disallow password change after logon with passticket

A passticket is temporary and can only be used for a specific purpose. A password is permanently and generally usable. So we want an option to disallow a password change for an user that is logged on with passticket.
over 4 years ago in z/OS / RACF 1 Delivered

IRRUT200 needs to run AMODE 31

IRRUT200 does not execute in AMODE 31 and so it cannot handle RACF databases beyond a certain size.See apar OA14731. Modern RACF databases can be quite large and this limitation is very serious. Please initiate development effort toredesign IRRUT200.
over 9 years ago in z/OS / RACF 2 Delivered

PCI DSS requires Dataset encyption

For PCI-DSS compliance it is needed that live data (datsets) residing on storage subsystems attached to z/OS systems can be transparently encrypted. Encyption needs to be controlled by z/OS descriptorslike RACF DFP segments or such.
about 10 years ago in z/OS / RACF 1 Delivered

Dataset profile EXTRACT feature for IRRSEQ00 RACF API

Hello, Following the PMR 68238,662,706 could you enhance the RACF API IRRSEQ00 to add a feature to extract dataset profile information ? A feature called ADMN_XTR_DATASET should be wonderful (like ADMN_XTR_USER or ADMN_XTR_RESOURCE) because at thi...
almost 7 years ago in z/OS / RACF 2 Delivered

IT Security Manager

Problem title RACF not notifying CICS on revoked userid . Problem description Running CICS/TS 4.2 under z/OS 2.1. We are having a problem between RACF and CICS on revoked USERID. . According to the manuals RACF is supposed to notify CICS immediate...
almost 9 years ago in z/OS / RACF 3 Delivered