Skip to Main Content
IBM Power Ideas Portal


This portal is to open public enhancement requests against IBM Power Systems products, including IBM i. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

ADD A NEW IDEA

My ideas: Security

Showing 117

EIM Windows domain source mapping from CRTUSRPRF

On CRTUSRPRF we have the parameter EIMASSOC. This lets us create an EIM identifier and add the current system as a TARGET. Every new user that is created need to also have the windows domain as a SOURCE in order for single signon to work. This mea...
8 days ago in IBM i / Security 1 Submitted

Add TLS support for SNDDSTJS

Add TLS 1.3 support for SNDDSTJS to connect to a remote mail router without authentication. Advanced job scheduler notification properties does not have the option to enable TLS. TLS is required by some companies including financial intuitions.
3 months ago in IBM i / Security 1 Submitted

Enable TR-31 Import / Export of AES K0-B and K1-B Key Blocks for 4767/4769 crypto cards

For important bank compliance with MasterCard, we need use to TR-31 KEY EXPORTER in KEK value with mode of use BThe used parameters are:Key block version: VARDRV‑BValue of use: KEKMode of use: ENC-DEC In the APAR OA64883 was published for Z series...
4 months ago in IBM i / Security 1 Submitted

IBM i DCM - Last used timestamp for each certificate

For the purpose of housekeeping the certificate stores in IBM i DCM, it would be very useful to enhance DCM to be able to show the "Last Used Time Stamp" and also "Use Count" for EACH certificate in the store so that system admin can efficiently s...
about 1 year ago in IBM i / Security 3 Future consideration

Add Native DCM support for ACME protocol (Automatic Certificate Management Environment)

IBM i 7.4 introduced APIs that support Native Digital Certificate Management, I would like IBM to build on this a deliver a natively supported ACME (Automatic Certificate Management Environment) protocol support to allow IBM i to automatically req...
11 months ago in IBM i / Security 3 Not under consideration

Add native 2FA and/or MFA for 5250 and other interfaces to data

Data security insurance and other requirements are requesting Two Factor Authentication or Multi Factor Authentication access to data.
12 months ago in IBM i / Security 2 Future consideration

Add auditing to successful authentications

IBM i records failed authentications, which appear in the audit journal entries, but is missing a unified entry type for successful authentications. From an auditing perspective, this makes it hard to comprehensively track and report on successful...
over 1 year ago in IBM i / Security 3 Future consideration

Include an "assigned" flag to DCM API to indicate if cert is assigned to an DCM application or not

There is an API that already exists that allows certificates stored in a DCM store be read and would include expiry date, which is useful. I am not sure what the API is called, but I know that TAATOOL provides a command (CVTCERT) that uses the IBM...
6 months ago in IBM i / Security 5 Under review

IBM i SSO authentication against Azure Global AD

Actually, a valid Network Authentication service and EIM configuration permits to use SSO on IBM i through different Windows AD realms for the users to authenticate to the IBM i using their windows usernames. New times requires new technologies fo...
over 2 years ago in IBM i / Security 3 Future consideration

Monitoring or tracking changes done in DCM

Hi Team, We have a scenario where certification was unassigned from one of the application and so inorder to prevent this from happening again, we need to identify the cause of this issue ie we need to know who has made those changes to the DCM. S...
11 months ago in IBM i / Security 3 Future consideration