IBM Data & AI

Welcome to the idea forum for IBM Data & AI (Formerly Analytics) Clients! 


IBM Employees:

The correct URL for entering your ideas is



Our team welcomes any feedback  and suggestions you have for improving our offerings / products!  This forum allows us to connect your offering / product improvement ideas with IBM product and engineering teams.


If you have not registered on this portal please click on the following link and register.  To complete registration you will need to open the email you will receive from Aha to confirm your identity.


QMF - Add support for DB2 systems using RACF security RFE 78202

QMF has the following administrator check on product initialization:
It is trying to insert or delete from Q.PROFILES table. If the insert/delete succeeded, then the user becomes "QMF Admin".
Else, It is a regular QMF user. This check is based on getting -551 sqlcode from db2 internal security engine.
When migrating from DB2 internal security to RACF security, users that do not have permissions for Q.PROFILES will get TSO prompt with RACF error messages. The current solutions are:
1. Use DSQUOPTS exit (DISADM option) to disable admin check - in this situation no one can administer QMF and support the users.
2. Turn off the messages using "WTPMSG off" (TSO PROFILE) - in this situation the RACF error messages will disapear, but also all the other tso prompt will.

We would like to enhance QMF to have the option to be an administrator, and also use RACF security in DB2, without having our users disturbed by error messages. This can be done by creating a system table for QMF that defines its administrators, or integrate it to use RACF resources also.
  • Guest
  • Dec 24 2018
  • Planned
Why is it useful?
Who would benefit from this IDEA?
How should it work?
Idea Priority High
Priority Justification
Customer Name Bank Hapoalim
Submitting Organization
Submitter Tags
  • Attach files

NOTICE TO EU RESIDENTS: per EU Data Protection Policy, if you wish to remove your personal information from the IBM ideas portal, please login to the ideas portal using your previously registered information then change your email to "anonymous@euprivacy.out" and first name to "anonymous" and last name to "anonymous". This will ensure that IBM will not send any emails to you about all idea submissions