We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Post your ideas
Start by posting ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,
Post an idea
Upvote ideas that matter most to you
Get feedback from the IBM team to refine your idea
Help IBM prioritize your ideas and requests
The IBM team may need your help to refine the ideas so they may ask for more information or feedback. The offering manager team will then decide if they can begin working on your idea. If they can start during the next development cycle, they will put the idea on the priority list. Each team at IBM works on a different schedule, where some ideas can be implemented right away, others may be placed on a different schedule.
Receive notifications on the decision
Some ideas can be implemented at IBM, while others may not fit within the development plans for the product. In either case, the team will let you know as soon as possible. In some cases, we may be able to find alternatives for ideas which cannot be implemented in a reasonable time.
Please use the following category to raise ideas for these offerings for all environments (traditional on-premises, containers, cloud):
Cloud Pak for Multicloud Management
Cloud Pak for Network Automation - incl Orchestration and Performance Management
Cloud Pak for Watson AIOps - incl Netcool Operations Management portfolio
Edge Application Manager
IBM Observability with Instana
ITM-APM Products - incl IBM Tivoli Monitoring v6 and Application Performance Monitoring v8
Workload Automation - incl Workload Scheduler
Tivoli System Automation - inc Tivoli System Automation Application Manager (SA AM), Tivoli System Automation for Multiplatforms (SA MP)
conman to authenticate users through WAS/WLP and retrieve LDAP group to user information and authorize using group in assigni
DWC and composer are able to authenticate LDAP users and authorize using LDAP groups and assign security roles accordingly, but conman doesn't authenticate using LDAP hence can't authorize using LDAP groups and assign security roles. Separate ACLs (stanza in security file) have to be specified with user IDs in order for CLI users to be authorized and respective roles assigned. This defeats the purpose of having LDAP groups and requires the security roles to be maintained in multiple places. A work around is to use OS level groups, but it still requires two entries, one for DWC/composer using the LDAP group and the other for CLI users using the OS group.
DWC and composer authenticate using the integration with LDAP configured in WAS/WLP, but conman doesn't. This RFE is for conman to adopt the same authentication and authorization mechanism as DWC/composer.
Please refer to Case No. TS004486686 for more details.
DWC and Composer can use the following stanza in the security file:
conman requires an additional entry with user IDs of all members of the same group:
CPU=@+LOGON=userA, userB, userC
Do not place IBM confidential, company confidential, or personal information into any field.