Skip to Main Content
IBM Z Hardware and Operating Systems Ideas Portal


This is the public portal for all IBM Z Hardware and Operating System related offerings. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

ADD A NEW IDEA

RACF

Showing 211

Enrich message ICH70001I with the number of attempts.

Asis: ICH70001I userid LAST ACCESS AT hh:mm:ss ON www, month, day, 19yy This message is issued when the Resource Access Facility (RACF) RACINIT service is invoked to initialize RACF processing for a new address space. The first time this user ("us...
almost 10 years ago in z/OS / RACF 2 Not under consideration

Enhance RACF to allow PERMITs with WHEN(PROGRAM) for zSecure custom general resource classes

I would like the ability to use conditional permits with a custom class for zSecure Command Verifier. In my case rather than use XFACILIT for zSecure Command Verifier we have opted to use our own general resource class by defining it to the CDT cl...
about 8 years ago in z/OS / RACF 2 Not under consideration

Better Auditing for IRR.DIGTCERT.LISTRING

IRRADU00 ACCESS SUCCESS record for calls to FACILITY IRR.DIGTCERT.LISTRING does not show the actual RING Name. Please require RACROUTE callers to specify a RingName that can be viewed in the IRRADU00 unloaded output. Suggestion is for use of the L...
about 8 years ago in z/OS / RACF 2 Not under consideration

SMF record is written when ACCESS is unsuccessfull for JESJOBS Class

RACF drives an authorization check in the JESJOBS class for the resourcename SUBMIT<.execution node><.jobname><.user ID>. This is a LOG=NOFAIL REQUEST=AUTH, which means that if the submitting user is not authorized to this resour...
about 6 years ago in z/OS / RACF 4 Not under consideration

Restrict access depending on the system service used to access a resource.

A resource, usually a dataset but it can be a general resource, can be accessed through different services. The idea relates to the ability of accessing the resource through TSO, for example, but not using a JOB (or NetView, or other systems servi...
about 2 years ago in z/OS / RACF 3 Not under consideration

Tool to simulate access to resources.

Administrators and support staff usually need to refine and diagnose RACF controlled access. Therefore they should have available a tool to specify the conditions when an access is to happen and get a detailed RACF response.
about 2 years ago in z/OS / RACF 1 Not under consideration

Enhance RACF to support WHEN(PROGRAM) for the WRITER class

Please enhance RACF to support commands like the following one for the WRITER class. permit JES2.NJE.CTDX001 class(WRITER) id(Your_Favorite_Scheduler_id_here) ACCESS(READ) when(PROGRAM(CKRCARLA))
over 8 years ago in z/OS / RACF 2 Not under consideration

Empowering conditional access to general resources through privileged programs

Some resources different from DATASET also should be accessed through allowed programs. This would allow a refined access to some sensitive resources such as those under SURROGAT (for example, USER1 can submit a job in the name of USER2 only if th...
about 2 years ago in z/OS / RACF 1 Future consideration

Allowing program name masking in conditional access to DATASETS

Multiple program names are allowed in the parameter WHEN(PROGRAM(...)) in the PERMIT command. However this is not practical if many programs starting with the same first characters are to be specified in the list or if a new program, also starting...
about 2 years ago in z/OS / RACF 0 Future consideration

Intelligent refresh after a new user/group is added to a resource access list.

After adding an user or group to a resource access list a SETROPTS REFRESH for the class to which the resource belongs is required. This has a huge impact on performance depending on the resource class.
about 2 years ago in z/OS / RACF 2 Not under consideration