IBM Power Ideas Portal


This portal is to open public enhancement requests against IBM Power Systems products, including IBM i. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

ADD A NEW IDEA

Security

Showing 22

DCM *SYSTEM store password in admin-cust.xml files

In the security configuration files from ADMIN application servers (ADMIN1, ADMIN3, ....) the *SYSTEM store password is weakly encoded with {xor} and is easy to obtain if you have access to admin-cust.xml file in /QIBM/UserData/OS/ADMININST/[admin...
2 months ago in IBM i / Security 1 Future consideration

Tool to automate rebuild of DCM USRIDX QUSRSYS/QYCDCERTI

I have a corrupted *USRIDX QUSRSYS/QYCDCERTI which is causing numerous DCM errors and multiple software problems with QYCDCUSG to be logged, when using the DCM. Unfortunately, recovery involves deleting certificate assignments and manually rebuild...
about 1 year ago in IBM i / Security 3 Future consideration

Monitoring or tracking changes done in DCM

Hi Team, We have a scenario where certification was unassigned from one of the application and so inorder to prevent this from happening again, we need to identify the cause of this issue ie we need to know who has made those changes to the DCM. S...
over 1 year ago in IBM i / Security 3 Future consideration

Concealing Password on the ADDSVRAUTE Screen

To not reveal a password to onlookers when setting up a secure DDM environment.
over 1 year ago in IBM i / Security 2 Future consideration

IBM i DCM - Last used timestamp for each certificate

For the purpose of housekeeping the certificate stores in IBM i DCM, it would be very useful to enhance DCM to be able to show the "Last Used Time Stamp" and also "Use Count" for EACH certificate in the store so that system admin can efficiently s...
over 1 year ago in IBM i / Security 3 Future consideration

Show profile will be disabled msg even for non-valid profiles.

OS 7.5 changed to provide the same error message when signing on for the case where a userid is not defined or a userid is valid but the password is wrong. This was intended to not 'leak' information to a bad actor that they guessed a valid userid...
almost 2 years ago in IBM i / Security 3 Future consideration

Digital Certificate Manager, Import Certificate by retrieve from port

Importing certificates into the DCM is a slow task that requires the transfer of files, files that are not always readily available. As in the WAS console, it would be useful to acquire the certificate directly from the Server through its IP addre...
almost 2 years ago in IBM i / Security 3 Future consideration

Correct the QSYLOBJP API Documentation

Today, the QSYLOBJP API documentation states that it creates: a list of objects that adopt an object owner's authority In the classic way of thinking, this would be program/srvpgm objects that have USRPRF(*OWNER) set a creation time. However what ...
almost 2 years ago in IBM i / Security 3 Future consideration

What commands are linked to what special authority?

I want to monitor what commands needing special authority are used by who.
about 2 years ago in IBM i / Security 3 Future consideration

Add auditing to successful authentications

IBM i records failed authentications, which appear in the audit journal entries, but is missing a unified entry type for successful authentications. From an auditing perspective, this makes it hard to comprehensively track and report on successful...
about 2 years ago in IBM i / Security 3 Future consideration

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.