IBM Power Ideas Portal
This portal is to open public enhancement requests against IBM Power Systems products, including IBM i. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Search existing ideas
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,
Post your ideas
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Specific links you will want to bookmark for future use
Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.
IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.
ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.
.Hi,
We discussed about the possible options and with the current access model, the implementation involves some amount of complexity and we are waiting to see if there are more votes for this particular request for dual authentication.
This sounds like a workflow issue. For example, the off-shore admin issues a shutdown on the HMC and you want a US-based admin to provide secondary authorization. The off-shore request could get placed in an HMC queue, the US-based admin could be notified of it, there maybe delay when the US-based admin acknowledges the request and takes action, perhaps the request times out after a while, etc. Or the off-shore admin sends an e-mail to the US-based admin to do the shutdown.
Are you asking for this to be in GUI, CLI, and / or REST? Do you want this configurable per command?
This is a sizeable effort for us, and we've not received this request before. This is why I said if this is a workflow issue then it's more efficient to address this outside HMC.
Please reopen and send to next level of support. This is not about the custom roles for users. I would like to have dual authorization for certain commands before the command executes.
Thank you
Dan
Hi,
The requested enhancement can be achieved with the existing resource roles/user roles in HMC. Apart from user roles, there are resource roles where a user can be restricted to a specific set of resources which can be used to handle cases like unauthorized shutdown of managed systems.
Thanks.
Hi,
Please look at comments earlier. Please let us know if you have more queries on the authorization.
Thanks.
Creating a new RFE based on Community RFE #84919 in product Power Hardware Management Console.