Skip to Main Content
IBM Power Ideas Portal

This portal is to open public enhancement requests against IBM Power Systems products, including IBM i. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (

Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.

Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal ( - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal ( - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM. - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Not under consideration
Workspace IBM i
Created by Guest
Created on Mar 26, 2021

NetServer delegation of personnel authorized to enabled disabled profiles

I would like to delegate re-enabling users disabled for NetServer access to general help desk people. They know how to drill down to it using IBM Navigator for i at http://myibmi:2001 . "Enable" is grayed out. Documentation at says they have to have *IOSYSCFG and *SECADM.
I was hoping I could use Application Administration and just approve a few people on my help desk for this function without elevating their security for tasks they should not be doing.

Use Case:

Help desk support. They know to deal with the causes such as having the person reboot their pc after changing their passwords, maybe unmapping/remapping drives, and more.

Idea priority Medium
  • Guest
    Nov 3, 2022

    An IBM i service to do this would be fine. If that could then be added to the New Navigator that would be good too.

  • Guest
    Mar 30, 2021

    Thank you for submitting this request. In order to retain security for this function, we must decline this request.

    Application Administration allows the ability to try running the function. The underlying function must still perform the same authority verification as if you were running it on the green screen.

    The only provided support to enable a NetServer Disabled user profile is the Change Server Information (QZLSCHSI) API. The API requires *IOSYSCFG special authority, and the option to enable a user profile also requires *SECADM special authority as well as *OBJMGT and *USE to the user profile being enabled. The API authority requirements align with the authority required to enable a disabled user on the system through other interfaces.

    As has been suggested, you can use the GO NETS QUSRTOOL and provide access to that. The source for all the options in the GO NETS menu is shipped in QUSRTOOL. You can take the source for the option that enables a user and create your own program that adopts the necessary authorities. Authorize the set of users you wish to allow access to the function and *EXCLUDE everyone else.
    Here is an example of how to create an authorized program:

  • Guest
    Mar 30, 2021

    Would a DB2 for i Service to achieve what you are asking for fill your need?

    Just being curious....

  • Guest
    Mar 29, 2021

    If you can accept an Green Screen solution, one alternative would be to install the NETSRVCMD/GO NETS and put the command WRKNSVUSR in a program with elevated authority:

    or you can write your own program that uses those API's