Skip to Main Content
IBM Z Hardware and Operating Systems Ideas Portal


This is the public portal for all IBM Z Hardware and Operating System related offerings. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

ADD A NEW IDEA

RACF

Showing 228

Enhance RACF to support WHEN(PROGRAM) for the WRITER class

Please enhance RACF to support commands like the following one for the WRITER class. permit JES2.NJE.CTDX001 class(WRITER) id(Your_Favorite_Scheduler_id_here) ACCESS(READ) when(PROGRAM(CKRCARLA))
over 8 years ago in z/OS / RACF 2 Not under consideration

SMF record is written when ACCESS is unsuccessfull for JESJOBS Class

RACF drives an authorization check in the JESJOBS class for the resourcename SUBMIT<.execution node><.jobname><.user ID>. This is a LOG=NOFAIL REQUEST=AUTH, which means that if the submitting user is not authorized to this resour...
over 6 years ago in z/OS / RACF 4 Not under consideration

Enhance type 80s for failed ALTUSER commands

The type 80 event codes for failed ALTUSER commands should be enhanced so that I can tell for sure using SMF data why the ALTUSER command failed. Specifically:-Was ALTUSER failed because of SETROPTS?---Which specific SETROPTS rule failed the passw...
almost 9 years ago in z/OS / RACF 2 Not under consideration

Create a user OMVS segment field to contain a umask value that would apply to file creation and chmod

Please enhance RACF to add a user OMVS segment field to contain a umask value that would apply to file creation and chmod.
almost 7 years ago in z/OS / RACF 2 Not under consideration

List of restricted words in password rules

There are some obvious passwords that are very easy to guess, and is important to avoid using them. The idea is to have a list of restricted words that cannot be part of a password and that RACF will not accept. This list must be configurable t...
over 2 years ago in z/OS / RACF 1 Future consideration

Depository Trust and Clearing Corp

Enhance ADDUSER and DELUSER commands so that they go into supervisor state to update SYS1.BRODCAST on the command issuer's behalf.
almost 10 years ago in z/OS / RACF 2 Not under consideration

Restrict access depending on the system service used to access a resource.

A resource, usually a dataset but it can be a general resource, can be accessed through different services. The idea relates to the ability of accessing the resource through TSO, for example, but not using a JOB (or NetView, or other systems servi...
over 2 years ago in z/OS / RACF 3 Not under consideration

Tool to simulate access to resources.

Administrators and support staff usually need to refine and diagnose RACF controlled access. Therefore they should have available a tool to specify the conditions when an access is to happen and get a detailed RACF response.
over 2 years ago in z/OS / RACF 1 Not under consideration

Empowering conditional access to general resources through privileged programs

Some resources different from DATASET also should be accessed through allowed programs. This would allow a refined access to some sensitive resources such as those under SURROGAT (for example, USER1 can submit a job in the name of USER2 only if th...
over 2 years ago in z/OS / RACF 1 Future consideration

Allowing program name masking in conditional access to DATASETS

Multiple program names are allowed in the parameter WHEN(PROGRAM(...)) in the PERMIT command. However this is not practical if many programs starting with the same first characters are to be specified in the list or if a new program, also starting...
over 2 years ago in z/OS / RACF 0 Future consideration