Skip to Main Content
IBM Z Software


This portal is to open public enhancement requests against IBM Z Software products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Not under consideration
Categories General TM
Created by Guest
Created on May 27, 2022

New parameter for IMS APPL class validation for OTMA messages

Using the IMS APPL class in RACF it is possible to control the authority of users who attempt to logon to IMS. In my customer’s shop the IMS APPL class is active and all personal userids are authorized to the IMS APPL class.

But there are other types of users. They are the users used in WAS-IMS Connect-OTMA applications that, in some way, represent an application and are not personal userids.

In our shop, these userids were restricted from accessing the IMS application by the IMS APPL class. The reason is that no one who can know the password of one of these userids can use it from a terminal connected to IMS.

During the migration from IMS V13 to IMS V15 we found that since IMS V14 the IMS APPL class also protects the logon of OTMA “sessions”. To do this, RACF is called to see if the userids of the OTMA messages are authorized to the IMS APPL class.

This change in behavior in IMS has meant that we have had to authorize the OTMA applications userids to the IMS APPL class as well. So, my customer has lost some security.

It would be very good if there were a new differentiated parameter for IMS APPL class validation (analogous to the DFSDCxxx SAPPLID parameter) to be able to validate the userids of the messages that arrive through OTMA differently from those who logon from a terminal connected to IMS.

Idea priority High
  • Guest
    Reply
    |
    Jun 22, 2022
    .Hi,

    Thank you for your interest in keeping IMS a vital and successful product. Software development has continuously evolved during IMS's lifetime, and so has IMS itself. We have kept pace with, adopted, and implemented many industry standard best practices within our organization, including Continuous Delivery, Design Thinking, and Agile.

    When choosing new features to add from the list of requirements in our backlog, we assess which will bring the most value to as many clients as possible and prioritize those.

    At this time, after reviewing this request for enhancement and assessing its potential value, we have decided to reject it. The functionality requested has already been delivered via APAR PI48121. Please visit here to learn more: https://www.ibm.com/support/pages/apar/PI48121

    We appreciate your input to IMS, and we hope that you will continue to submit ideas for improvements as customer feedback is a key component to shaping the future direction of IMS.

    Thank you.