IBM Z Hardware and Operating Systems Ideas Portal
This is the public portal for all IBM Z Hardware and Operating System related offerings. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Search existing ideas
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,
Post your ideas
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Specific links you will want to bookmark for future use
Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.
IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.
ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.
We had the unfortunate experience of some RACF default setting (can't recall where now) being changed to force ERASE on DELETE's and it caused utter chaos with performance issues until it was identified. Something to be very wary of.
.This requirement talks having IDCAMS functions like DEFINE and DELETE denied to a user by a facility class. However this ability is already available by setting up DATSET authorities that would deny a user to create or delete a data set. What seems to be needed is a method curtail usage of the IDCAMS DEFINE ERASE parameter. If that is what is desired, please resubmit the requirement specifically for that parameter and any other that might be needed to be excluded.
The user already had RACF authority to DEFINE the data set in which they specified ERASE. If you were to restrict them from DEFINE you could just as well restrict them from the RACF authority to DEFINE the data set. What it appears you want is a way to retrict the use of ERASE on the DEFINE statement.
Description needs to be clarified/corrected. It should read:
Would like the ability to allow/deny certain IDCAMS functions via PARMLIB/SAF, etc. Specifically, we want the ability to allow/disallow the use of the ERASE keyword on DELETE. There could be other parameters that could use the same process if it were available.
SHARE REQ 175 in RFE-MVSS has been opened on this topic. My apologies for not seeing these requests for update sooner.
A couple of updates. The ERASE keyword is on the the DELETE function. I don't not want to restrict a user from deleting something they have access to delete, but I don't necessarily want them to be able to specify the ERASE function, as that has caused performance implications.
This seems to be a good idea. Could you also submit a SHARE requirement so that we can determine general interest from the user community?
This seems to be a good idea. Could you also submit a SHARE requirement so that we can determine general interest form the user community?
Can you elaborate on this requirement a little more? The DEFINE CLUSTER command does not have a DELETE parameter. Why would you want to restrict someone from deleting a data set they have RACF authority to define?