Routing Work by User Profile and More Hidden IBM i 7.5 and IBM i 7.4 TR6 Gems
IBM has announced IBM i 7.5 and IBM i 7.4 TR6. A new release is a big deal and there are a huge number of great enhancements. Steve Will’s article, Announcing IBM i 7.5, 7.4 TR6, IBM I Merlin, is one of the best places to start for an overall review. You should also listen to the COMMON webcasts on the May 2022 IBM i Updates, as these webcasts include nuggets not found in the announcement letters; you do need to register for these webcasts, but there is no charge for them.
In the theme of the i Can blog, I want to highlight a few of my favorite hidden gems in this announcement. These highlights just scratch the surface of what IBM is delivering and I look forward to researching, learning and writing about all the new features coming our way.
Set Server Subsystem Routing for Secure Connections
This one is exciting and surprising. I had heard IBM state that this would never be done, but it has! The ability to route work by user profile for secure servers is now available. This enhancement is only available on 7.5, so it must have been a tricky solution. The ability to route work by IP address for secure servers has been available for a long time using the Navigator for i to configure subsystem routing; the ability to route by IP address for secure servers is also now available with the SQL procedure.
See the QSYS2.SET_SERVER_SBS_ROUTING documentation for details. Thank you, IBM!
New Navigator Default Access Is Changing to Denied
This is an important change for New Navigator on all supported releases.
The default setting for the QIBM_NAV_ALL_FUNCTION will be changed from *ALLOW to *DENIED. This means that simply applying the latest PTFs will result in users not being able to use New Nav. Powerful user profiles with *SECOFR or *ALLOBJ special authority will still be able to access Navigator, but other users will not unless they are granted access via this function ID, or more granular access with the other New Nav function IDs for specific features. I would recommend not changing QIBM_NAV_ALL_FUNCTION back to *ALLOW and instead, consider a scheme to specifically grant access to the features users require.
IBM’s page on Function Usage IDs has more information. Also, refer to the post on Function Usage Replaces Application Administration in in New Navigator for general information about Function Usage.
Query Supervisor Example Exit Programs in CL
System administrators should love this little gem! The query supervisor is a great feature to capture expensive queries at run time, but a key requirement is an exit program to take the desired action. IBM provided example exit programs to get started, and they have now added CL examples.
Maximum Sign-on Attempts By User Profile
Another cool thing: in 7.5 you can now configure the maximum number of invalid sign-on attempts for individual user profiles with the MAXSIGN parameter on the Create and Change User Profile commands.
New IBM i Services
As with all announcements over the past few years, this one includes many new and enhanced IBM i Services. The list is too long to summarize here—the 7.5 Base Enhancements and 7.4 TR6 Enhancements pages has the complete list of new and enhanced services.
Collection Services Enhancements
Collection Services, as typical in a new release, collects additional performance metrics. The most exciting one is a new category, *XSTGSVC, that collects performance information about IBM Spectrum Virtualize environments. Collection Services has collected external storage data from DS8K systems for years, but only the largest shops had those storage systems. This is a great enhancement for smaller shops using Spectrum virtualize external storage.
Collection Services also collects additional plan cache metrics in 7.5; looking at the QAPMSQLPC file, there are many additional metrics that will be very helpful in optimizing SQL performance.