What's new for IBM i 7.2

Read about new or significantly changed information for the Security reference topic collection.

The password rules that are specified in system value QPWDRULES are now enforced by the CRTUSRPRF and CHGUSRPRF commands when QPWDRULES contains the value *ALLCRTCHG.

A new Db2® for IBM i function usage identifier can be used to deploy separation of duties. The function identifier, QIBM_DB_SECADM, provides a user with the ability to grant authority, revoke authority, change ownership, or change primary group, but without giving access to the object or, in the case of a database table, to the data that is in the table or allowing other operations on the table.

Auditing

  • New audit journal entries of types AX (Row and Column Access Control), PF (PTF Operations), PU (PTF Object Changes), and X2 (Query Manager Profile Changes).
  • New QAUDLVL action auditing values of *PTFOBJ (Changes to PTF objects) and *PTFOPR (PTF operations).
  • Audit journal entries containing security information have been enhanced to include the original security information so you will now have the before and after values when a security change has been made.
  • Other miscellaneous updates to audit journal entries have been made.

New larger maximum storage value (MAXSTGLRG) allowed on a user profile.

Other miscellaneous updates have been made to this topic collection.

How to see what's new or changed

To help you see where technical changes have been made, the information center uses:
  • The Start of change image to mark where new or changed information begins.
  • The End of change image to mark where new or changed information ends.

In PDF files, you might see revision bars (| or +) in the left margin of new and changed information.