IBM Power Ideas Portal


This portal is to open public enhancement requests against IBM Power Systems products, including IBM i. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

ADD A NEW IDEA

Security

Showing 115

Integrate SAML and/or OIDC authentication options for IBMi (5250/Navigator/IFS/Printer Output/SSH)

Many businesses are increasingly demanding that standard authentication processes are adhered to for all applications/servers within their environment. Whether we agree with that approach or not, there is extraordinary pressure to fit IBMi into th...
9 days ago in IBM i / Security 1 Submitted

need a new QPWD system value that allows to set case sensitivity mix

need a new QPWD system value that allows to set case sensitivity mix that aligns with the rest of QPWD* system values. We are working on align the IBMi password set with our company policy. but, As per the documentation(IBM), if we do use QPWDRule...
20 days ago in IBM i / Security 2 Submitted

Expand on the Authority Collection process by logging commands that actually use the special authorities granted on user profile

I'm trying to clean up security and while the Authority Collection process is valuable, I need to go a step farther. There are too many IDs with any combination of special authorities, and I do not have a clean way to monitor if it's needed. I wou...
19 days ago in IBM i / Security 0 Submitted

DCM *SYSTEM store password in admin-cust.xml files

In the security configuration files from ADMIN application servers (ADMIN1, ADMIN3, ....) the *SYSTEM store password is weakly encoded with {xor} and is easy to obtain if you have access to admin-cust.xml file in /QIBM/UserData/OS/ADMININST/[admin...
3 months ago in IBM i / Security 1 Future consideration

IBM i DCM - Last used timestamp for each certificate

For the purpose of housekeeping the certificate stores in IBM i DCM, it would be very useful to enhance DCM to be able to show the "Last Used Time Stamp" and also "Use Count" for EACH certificate in the store so that system admin can efficiently s...
over 1 year ago in IBM i / Security 3 Future consideration

Add Native DCM support for ACME protocol (Automatic Certificate Management Environment)

IBM i 7.4 introduced APIs that support Native Digital Certificate Management, I would like IBM to build on this a deliver a natively supported ACME (Automatic Certificate Management Environment) protocol support to allow IBM i to automatically req...
over 1 year ago in IBM i / Security 4 Not under consideration

WRKFCNUSG Auditing

It would be nice if any adds/changes/deletes that occur when using the WRKFCNUSG process would be tracking in the Security Audit Journal for the logical replication apps can keep the authorities in sync between SRC and TGT replication sets.
about 2 months ago in IBM i / Security 1 Functionality already exists

A library's CRTOBJAUD setting should be honored for CRTDUPOBJ adding to the library.

This closes a security hole. The library's CRTOBJAUD setting is used to assure that objects created within the library have the auditing desired. However, CRTDUPOBJ will put an object into a library and the auditing is based on the source object's...
3 months ago in IBM i / Security 1 Not under consideration

Enable TR-31 Import / Export of AES K0-B and K1-B Key Blocks for 4767/4769 crypto cards

For important bank compliance with MasterCard, we need use to TR-31 KEY EXPORTER in KEK value with mode of use BThe used parameters are:Key block version: VARDRV‑BValue of use: KEKMode of use: ENC-DEC In the APAR OA64883 was published for Z series...
10 months ago in IBM i / Security 1 Submitted

Include an "assigned" flag to DCM API to indicate if cert is assigned to an DCM application or not

There is an API that already exists that allows certificates stored in a DCM store be read and would include expiry date, which is useful. I am not sure what the API is called, but I know that TAATOOL provides a command (CVTCERT) that uses the IBM...
11 months ago in IBM i / Security 5 Under review

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.