IBM Z Hardware and Operating Systems Ideas Portal


This is the public portal for all IBM Z Hardware and Operating System related offerings. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

ADD A NEW IDEA

Clear

RACF

z/OS Unix commands for RACF

Just like ZOAU did with a lot of z/OS functionality it would be useful if RACF had Unix commands, it would be a good opportunity to undo the dumb design descisions the original commands had by not repeating them with the Unix commands as well. I o...
3 months ago in z/OS / RACF Not under consideration

RACF: Enforce SMF Type 80 Logging for Every ACEE Creation

Problem Statement RACROUTE REQUEST=VERIFY allows calling applications to suppress RACF SMF logging via STAT=NO or LOG=NONE, meaning security administrators cannot guarantee every authentication event is recorded. The RACF Auditor's Guide itself wa...
13 days ago in z/OS / RACF Future consideration

Log RACF keyring and certificate usage to enable proper validation and auditing

Determining whether a RACF keyring or any RACF certificate is still in use by an application (e.g., started task, batch job, etc.) is a very challenging task. Neither RACF nor other components like zERT generate SMF records that capture the usage ...
over 1 year ago in z/OS / RACF Future consideration

RRSF - segment-level control for command propagation

Background / Current behavior We use RRSF automatic command direction to synchronize RACF profiles across multiple systems. This works well operationally. However, IBM Documentation describes AUTODIRECT control in the RRSFDATA class strictly at th...
about 1 month ago in z/OS / RACF Future consideration

control length of passphrase

Hello, Regarding PCIDSS, the minimum length of a passphrase must be 12 charactersTo control the minimum length of the passphrase, we have to code an exit ICHPWX11 We'd like a RACF parameter to check that as this is done for the control of the leng...
12 days ago in z/OS / RACF Needs more information

Move settings of password phrase rules from ICHPWX11-exit to RACF SETROPTS

Today we use the Exit ICHPWX11 to manage our rules for RACF Password Phrases (e.g. length of Password Phrase, valid Characters). Unfortunately the exit is not supported by IBM. A sample is delivered with SYS1.SAMPLIB, but the most current version ...
7 months ago in z/OS / RACF Future consideration

More Granular RACF Dataset member level access SAF checking

We have a PDS dataset where several application encrypted password files are housed. Splitting the contents of this PDS is not easily achievable. Can RACF architecture allow for an enhancement feature that performs dataset access SAF checks at the...
10 months ago in z/OS / RACF Not under consideration

Convert RACF to UTF-8

It would be beneficial if RACF supported full UTF-8 natively, it would allow greater support for specialized characters in names and descriptions, it would also make communication with other systems much easier.
8 months ago in z/OS / RACF Not under consideration

Listuser command allows for 'enumeriation' of valid userids

As seen below. When one does a "LU <EXISTING USER>" you get the message : "NOT AUTHORIZED TO LIST IBMUSER"When the user it not present on the system, you get the message "UNABLE TO LOCATE USER ENTRY NOTHERE" It would be better if the reply i...
almost 2 years ago in z/OS / RACF Future consideration

RACF - Support of RSA keysize of 8192bit for RACDCERT with zOS 3.2

With zOS 3.2 ICSF does support the key generation of 8192 bit: ICSF Panel 5.6.6 (CSFPKY22) [.....] Generate a new asymmetric key pair record. Select one key type/size: RSA key bit length: ____ (512 - 8192) [.....] But when using RACF RACDCERT comm...
6 months ago in z/OS / RACF Future consideration

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.