IBM-supplied function IDs

This section provides tables of the IBM®-supplied function IDs.

Function IDs are used to define who is authorized to use an interface. A function ID has a default authority setting and an *ALLOBJ special authority setting. There is also a list which can contain users with specific usage settings. The interface checks for authorization to the function ID to determine if the user is allowed to use the interface.

Function IDs can be viewed using IBM Navigator for i, expand Security > Function Usage.

To change the usage setting for a user:

In IBM Navigator for i, expand Security > Function Usage.
Right-click on the function ID for which you want to add or remove users and select Change.
In the Change Function Usage dialog box, enter the profile you want to add or remove in the Profile(s) field.
To add the profile, click Add under Access Allowed or under Access Denied.
To remove the profile, click Remove under Access Allowed or under Access Denied.
Click OK.

Function IDs can also be viewed using the Work with Function Usage (WRKFCNUSG) command, and usage settings can be changed using the Change Function Usage (CHGFCNUSG) command.

Descriptions of the table columns:

Function ID

The IBM-supplied function ID.

Default authority

Determines whether a user can use the function if they or one of their groups do not have a specific usage setting.

Allowed - A user without a specific usage setting can use the function.
Denied - A user without a specific usage setting cannot use the function.

*ALLOBJ special authority

Determines whether *ALLOBJ special authority is used to allow use of the function.

Used - A user with *ALLOBJ special authority, or a user that does not have an access of *DENIED and has a group with *ALLOBJ special authority, can use the function.
Not used - *ALLOBJ special authority is not used to allow use of the function.

Function name

The function ID name.

Description

A description of what the function ID is for and the interfaces that check usage to the function ID. The interfaces listed may require, along with access to the function ID, access to other function IDs or have additional authority requirements. You must investigate each interface to determine the required authority.

Function ID tables:

Table 1: Base operating system (5770SS1)
Table 2: TCP/IP connectivity utilities (5770TC1)
Table 3: Backup, Recovery, and Media Services (BRMS) (5770BR2)
Table 4: IBM i Access Client Solutions (ACS) (5770XJ1)
Table 5: IBM Navigator for i
Table 6: IBM i Common Information Model server (CIMOM) (5770UME)
Table 7: Heritage IBM Navigator for i
Table 8: Obsolete function IDs

Table 1. Function IDs for the base operating system (5770SS1)
Function ID	Default authority (Allowed or Denied)	*ALLOBJ special authority (Used or Not used)	Function name	Description
QIBM_ACCESS_ALLOBJ_JOBLOG	Denied	Used	Access job log of *ALLOBJ job	Display a joblog for a job that has *ALLOBJ special authority using the following interfaces: Display Job Log (DSPJOBLOG) command Display Job (DSPJOB) command, option 10 List Job Log Messages (QMHLJOBL) API Open List of Job Log Messages (QGYOLJBL) API Retrieve XML Service Information (QSCRXMLI) API Work with Job (WRKJOB) command, option 10
QIBM_ACS_HTTP_PROXY	Denied	Not used	HTTP Proxy Feature	Use a Windows or Mac OS system as the proxy host to the internet when the IBM i does not have access to the internet.
QIBM_ACS_HTTP_PROXY_OSPM	Denied	Used	Open Source Package Management (OSPM) HTTP Proxy	Use a Windows or Mac OS system as the proxy host to access the RPM repository hosted by IBM when the IBM i does not have access to the internet.
QIBM_ALLOBJ_TRACE_ANY_USER	Denied	Used	Trace any user	Trace jobs using a generic user name or to join traces using the Start Trace (STRTRC) command. Start additional traces when using the Trace TCP/IP Application (TRCTCPAPP) command.
QIBM_DB_DDMDRDA	Allowed	Used	DDM and DRDA Application Server Access	Access to the Distributed Data Management (DDM) and Distributed Relational Database Architecture (DRDA) application server. See DRDA and DDM server access control using function usage ID.
QIBM_DB_GENCOL_OVERRIDE	Denied	Not used	Generated Columns Override	Set the QSYS2.REPLICATION_OVERRIDE built-in Global variable that gives a user the ability to override the system generated values for the GENERATED columns in an SQL table.
QIBM_DB_SECADM	Denied	Not used	Database Security Administrator	Manage objects without needing to give access to the object using the following interfaces: Add Authorization List Entry (ADDAUTLE) command AUTHORIZATION_LIST_INFO view Change Authority Collection (CHGAUTCOL) command Change Authorization List Entry (CHGAUTLE) command Change Object Owner (CHGOBJOWN) command Change Object Primary Group (CHGOBJPGP) command CONFIRM_RECLONE_SECURITY_OBJECTS view Delete Authority Collection (DLTAUTCOL) command Display Authorization list objects (DSPAUTLOBJ) command Display Object Authority (DSPOBJAUT) command Edit Authorization List (EDTAUTL) command Edit Object Authority (EDTOBJAUT) command End Authority Collection (ENDAUTCOL) command GENERATE_SQL procedure GENERATE_SQL_OBJECTS procedure Grant Object Authority (GRTOBJAUT) command List Authorized Users (QSYLAUTU) API List Objects (QUSLOBJ) API List Objects Secured by Authorization List (QSYLATLO) API List Users Authorized to Object (QSYLUSRA) API OBJECT_PRIVILEGES table function OBJECT_PRIVILEGES view OBJECT_STATISTICS table function Open List of Objects (QGYOLOBJ) API Remove Authorization List Entry (RMVAUTLE) command Retrieve Authorization List Entry (RTVAUTLE) command Retrieve Authorized Users (QSYRAUTU) API Retrieve User Information (QSYRUSRI) API Retrieve Users Authorized to an Object (QSYRTVUA) API Revoke Object Authority (RVKOBJAUT) command Start Authority Collection (STRAUTCOL) command SWAP_DYNUSRPRF procedure Work with Authorization Lists (WRKAUTL) command Work with Libraries (WRKLIB) command Work with Objects (WRKOBJ) command Administer Row and Column Access Control (RCAC). Row and Column Access Control provides the ability to restrict which rows a user is allowed to access in a table and whether a user is allowed to see information in certain columns of a table.
QIBM_DB_SQLADM	Denied	Not used	Database Administrator	Analyze and view SQL performance data and display SQL details of a job other than your own when using the following interfaces: ACTIVE_DB_CONNECTIONS table function ACTIVE_JOB_INFO table function ADD_QUERY_THRESHOLD procedure ASP_JOB_INFO view CHANGE_MIRROR procedure CHANGE_PLAN_CACHE_SIZE procedure CLEAR_PLAN_CACHE procedure COMPARE_FILE table function DATABASE_MONITOR_INFO view DB_TRANSACTION_INFO view DB_TRANSACTION_OBJECT_INFO table function DB_TRANSACTION_RECORD_INFO table function DUMP_PLAN_CACHE procedure DUMP_PLAN_CACHE_PROPERTIES procedure DUMP_PLAN_CACHE_TOPN procedure END_ALL_PLAN_CACHE_EVENT_MONITORS procedure END_PLAN_CACHE_EVENT_MONITOR procedure FIND_QSQSRVR_JOBS procedure GET_JOB_INFO table function MIRROR_COMPARE_LIBRARY procedure MIRROR_COMPARE_NODE procedure MIRROR_COMPARE_OBJECT table function MIRROR_SUSPENDING_JOBS table function OVERRIDE_QAQQINI procedure QIBM_QQQ_QUERY_GOVR exit point, to add or remove exit programs QUERY_SUPERVISOR view REMOVE_QUERY_THRESHOLD procedure QSYS2.Reset_Environmental_Limits () procedure Retrieve Job Information (QUSRJOBI) API START_PLAN_CACHE_EVENT_MONITOR procedure SYSLIMITS view DB_TRANSACTION_JOURNAL_INFO table function
QIBM_DB_SYSMON	Denied	Not used	Database Information	Examine high-level database properties when using the following interfaces: ACTIVE_DB_CONNECTIONS table function ACTIVE_JOB_INFO table function ASP_JOB_INFO view DATABASE_MONITOR_INFO view DB_TRANSACTION_INFO view FIND_QSQSRVR_JOBS procedure GET_JOB_INFO table function MIRROR_SUSPENDING_JOBS table function SYSLIMITS view DB_TRANSACTION_JOURNAL_INFO table function DB_TRANSACTION_OBJECT_INFO table function DB_TRANSACTION_RECORD_INFO table function
QIBM_DB_ZDA	Allowed	Used	Toolbox Application Server Access	Access to the ODBC and JDBC Toolbox from the server side, including Run SQL Scripts and Navigator for i.
QIBM_DB2_MIRROR	Denied	Not used	Db2® Mirror Administrator	Access to certain IBM Db2 Mirror for i functions using the following interfaces: CHANGE_RESYNC_ENTRIES procedure COMPARE_RESYNC_STATUS table function CHANGE_MIRROR_OBJECTCONNECT procedure
QIBM_DIRSRV_ADMIN	Denied	Not used	IBM Tivoli® Directory Server Administrator	LDAP administrator authority.
QIBM_ENVVAR_SYS	Allowed	Not used	Update system-level environment variables	Add, change or remove system-level environment variables using the following interfaces: Add Environment Variable (ADDENVVAR) command Change Environment Variable (CHGENVVAR) command Remove Environment Variable (RMVENVVAR) command Change or Add a System-Level Environment Variable (Qp0zPutSysEnv) API Delete a System-Level Environment Variable (Qp0zDltSysEnv) API
QIBM_IOSYSCFG_VIEW	Denied	Not used	View Input/Output system configuration	Allows the ability to view input/output system configuration information using the following interfaces: ASP_INFO view Configure TCP/IP (CFGTCP) command Configure TCP/IP Applications (CFGTCPAPP) command Configure TCP/IP SNMP (CFGTCPSNMP) command Change DDM File (CHGDDMF) command to view the current values when prompting Change FTP Attributes (CHGFTPA) command to view the current values when prompting Change LPD Attributes (CHGLPDA) command to view the current values when prompting Change OSPF Attributes (CHGOSPFA) command to view the current values when prompting Change OSPF Area (CHGOSPFARA) command to view the current values when prompting Change OSPF Interface (CHGOSPFIFC) command to view the current values when prompting Change OSPF Virtual Link (CHGOSPFLNK) command to view the current values when prompting Change OSPF Range (CHGOSPFRNG) command to view the current values when prompting Change RDB Directory Entry (CHGRDBDIRE) command to view the current values when prompting Change REXEC Attributes (CHGRXCA) command to view the current values when prompting. Change RIP Attributes (CHGRIPA) command to view the current values when prompting Change SMTP Attributes (CHGSMTPA) command to view the current values when prompting. Change SNMP Attributes (CHGSNMPA) command to view the current values when prompting Change SNTP Attributes (CHGNTPA) command to view the current values when prompting Change TCP/IP Attributes (CHGTCPA) command to view the current values when prompting Change TCP/IP Domain (CHGTCPDMN) command to view the current values when prompting Change TCP/IP Host Table Entry (CHGTCPHTE) command to view the current values when prompting Change TCP/IP Route (CHGTCPRTE) command to view the current values when prompting Change TCP/IP Server (CHGTCPSVR) command to view the current values when prompting Change Telnet Attributes (CHGTELNA) command to view the current values when prompting Change VACM for SNMP (CHGVACSNMP) command to view the current values when prompting Display Class-of-Service Description (DSPCOSD) command Display Configuration List (DSPCFGL) command Display Controller Description (DSPCTLD) command Display DDM File (DSPDDMF) command Display Device Description (DSPDEVD) command Display Host Server (DSPHOSTSVR) command. Display Line Description (DSPLIND) command Display Mode Description (DSPMODD) command Display NetBIOS Description (DSPNTBD command Display Network Attributes (DSPNETA) command to display the following network attributes: JOBACN, DDMACC, PCSACC, and ALWADDCLU. Display Network Server Description (DSPNWSD) command Display OSPF (DSPOSPF) command Display RDB Directory Entries (DSPRDBDIRE) command Display RIP Information (DSPRIP) command
QIBM_IOSYSCFG_VIEW continued				Display System Value (DSPSYSVAL) command to display the following system values: QCFGMSGQ, QSSLCSL, QSSLCSLCTL, and QSSLPCL. Display Tape Cartridge (DSPTAPCTG) command Display Tape Status (DSPTAPSTS) command List Configuration Descriptions (QDCLCFGD) API List Network Connections (QtocLstNetCnn) API List Network Interface (QtocLstNetIfc) API List Network Routes (QtocLstNetRte) API List Physical Interface ARP Table (QtocLstPhyIfcARPTb) API List Physical Interface Data (QtocLstPhyIfcDta) API List Server Information (QZLSLSTI) API MEDIA_LIBRARY_INFO view MIRROR_CLUSTER_INFO view MIRROR_INFO view MIRROR_OBJECTCONNECT_INFO view MIRROR_TAKEOVER_INFO view NETSTAT_INFO view NETSTAT_INTERFACE_INFO view NETSTAT_JOB_INFO view NETSTAT_ROUTE_INFO view NETWORK_ATTRIBUTE_INFO view to return information for the following network attributes: JOB_ACTION, DDM_REQUEST_ACCESS, CLIENT_REQUEST_ACCESS, and ALLOW_ADD_TO_CLUSTER. NRG_INFO view NRG_LINK_INFO view Open List of Server Information (QZLSOLST) API RDB_ENTRY_INFO view RDMA_CONNECTION_INFO view RDMA_LINK_INFO view Retrieve Cartridge Filter (QTARCTGF) API Retrieve Cartridge Information (QTARCTGI) API Retrieve Configuration Source (RTVCFGSRC) command Retrieve Configuration Status (QDCRCFGS) API Retrieve Controller Description (QDCRCTLD) API Retrieve Device Description (QDCRDEVD) API Retrieve Device Status (QTARDSTS) API Retrieve Line Description (QDCRLIND) API Retrieve Network Attributes (QWCRNETA) API to retrieve the following network attributes: JOBACN, DDMACC, PCSACC, and ALWADDCLU. Retrieve Network Attributes (RTVNETA) command to retrieve the following network attributes: JOBACN, DDMACC, PCSACC, and ALWADDCLU. Retrieve Network Connection Data (QtocRtvNetCnnDta) API Retrieve Network Interface Data (QtocRtvNetIfcDta) API Retrieve Network Server Description (QDCRNWSD) API Retrieve OSPF State Information (QtooRtvOSPFDta) API Retrieve System Values (QWCRSVAL) API to retrieve the following system values: QCFGMSGQ, QSSLCSL, QSSLCSLCTL, and QSSLPCL. Retrieve System Value (RTVSYSVAL) command to retrieve the following system values: QCFGMSGQ, QSSLCSL, QSSLCSLCTL, and QSSLPCL. Retrieve TCP/IP Attributes (QtocRtvTCPA) API Retrieve Telnet Attributes (QTVRTVTELA) API Retrieve TLS Attributes (QsoRtvTLSA) API
QIBM_IOSYSCFG_VIEW continued				SERVER_SBS_CONFIGURATION view SERVER_SHARE_INFO view SYSTEM_VALUE_INFO view to return information for the following system values: QCFGMSGQ, QSSLCSL, QSSLCSLCTL, and QSSLPCL. TAPE_CARTRIDGE_INFO view TELNET_SERVER_ATTRIBUTES view USER_INFO view to return information for the NETSERVER_DISABLED column USER_INFO_BASIC view to return information for the NETSERVER_DISABLED column Work with Configuration Lists (WRKCFGL) command Work with Configuration Status (WRKCFGSTS) command Work with Controller Descriptions (WRKCTLD) command Work with COS Descriptions (WRKCOSD) command Work with DDM Files (WRKDDMF) command Work with Device Descriptions (WRKDEVD) command Work with Line Descriptions (WRKLIND) command Work with Media Library Status (WRKMLBSTS) command Work with Mode Descriptions (WRKMODD) command Work with NetBIOS Descriptions (WRKNTBD) command Work with Network Servers (WRKNWSD) command Work with Network Table Entry (WRKNETTBLE) command Work with Protocol Table Entry (WRKPCLTBLE) command Work with RDB Directory Entry (WRKRDBDIRE) command Work with Service Table Entry (WRKSRVTBLE) command Work with System Value (WRKSYSVAL) command to display with the following system values: QCFGMSGQ, QSSLCSL, QSSLCSLCTL, and QSSLPCL. Work with Tape Cartridge (WRKTAPCTG) command Work with TCP/IP Network Status (NETSTAT) command Work with TCP/IP Network Status (WRKTCPSTS) command
QIBM_LIST_ALL_OBJS	Denied	Used	List all objects	Show object names when using the following interfaces. When allowed, all object names are shown. When restricted, only the names for objects which the user has some authority other than EXCLUDE are shown. Display Object Description (DSPOBJD) command DETAIL(NAME) List Object (QUSLOBJ) API Open List of Objects (QGYOLOBJ) API Integrated file system (IFS) interfaces that read directory entries from QSYS.LIB and IASP QSYS.LIB file systems.
QIBM_LIST_ALL_OBJS_SQL	Denied	Used	List all objects in SQL	Return objects names from SQL services. When allowed, all object names are returned. When restricted, only names for objects which the user has some authority other than *EXCLUDE are returned. OBJECT_LOCK_INFO OBJECT_PRIVILEGES OBJECT_STATISTICS SYSSCHEMAAUTH SYSSCHEMAS
QIBM_QSY_DISPLAY_PWDRULES	Allowed	Used	Display password rules	Show 'F9=Display password rules' on the Change Password (CHGPWD) screen.
QIBM_QSY_SYSTEM_CERT_STORE	Denied	Used	*SYSTEM certificate store	Access to the *SYSTEM certificate store without having to be authorized to the actual object, but only when using the certificate associated with the application to establish a secure session.
QIBM_QYAS_SERVICE_DISKMGMT	Denied	Not used	Disk units	Disk unit management functions using the following interfaces: Configure Device ASP (CFGDEVASP) command Configure Geographic Mirror (CFGGEOMIR) command End Disk Management Operation (QYASEDMO) API End Disk Management Session (QYASEDMS) API Start Disk Management Operation (QYASSDMO) API Start Disk Management Session (QYASSDMS) API
QIBM_QZLS_NETSVR_SHARE	Denied	Not used	Allow object owner to modify share without *IOSYSCFG	Controls the ability to allow or restrict object owners without *IOSYSCFG special authority to create, modify, or delete IBM i NetServer shares for owned objects when using the following interfaces: Add File Server Share (QZLSADFS) API Change File Server Share (QZLSCHFS) API Add Print Server Share (QZLSADPS) API Change Print Server Share (QZLSCHPS) API Remove Server Share (QZLSRMS) API
QIBM_RUN_UNDER_USER_NO_AUTH	Allowed	Not used	Run under a user without authentication	Interfaces that will fail when running under a user profile without verifying the authentication information for the user. If a user is denied access to the function ID, they will not be allowed to be the target of these operations. For more information, refer to QIBM_RUN_UNDER_USER_NO_AUTH function usage ID in the Multi-factor authentication (MFA) topic. Generate Profile Token (QSYGENPT) API when a special value is specified for the password. Generate Profile Token (QsyGenPrfTkn) API Generate Profile Token (QsyGenPrfTkn2) API Get Profile Handle (QSYGETPH) API when a special value is specified for the password. Get Profile Handle No Password (QsyGetProfileHandleNoPwd) API Get Profile Handle No Password (QsyGetProfileHandleNoPwd2) API Set Effective User ID (qsyseteuid) API Set Real and Effective User ID (qsysetreuid) API Set User ID (qsysetuid) API Submit Job (SBMJOB) command when the job is being submitted to run under a user that is not the current user. The following are known examples that use the above interfaces and will fail if the user is denied access. When accessing the Network File System (NFS) server, users associated with UIDs that are denied access to the function ID will be mapped to the anonymous user for the export if one is defined. Otherwise, the access will be denied. IBM i NetServer print share support uses a profile token with special value to make a local connection to the network print host server. IBM i NetServer print share support will fail for user profiles that are denied access to this function ID. When the configured NetServer guest profile is denied access to the function ID, connections that would require guest access will fail. When a successful kerberos authentication maps to a user that is denied access to the function ID, the authentication will fail. Integrated web services (IWS) support requires the ability to create a profile token using a special value for the password for any user profile that will be used to run the web service. Thus, any user profile that will be used to run the web service, if denied access to the function ID, will fail. When the user the QIBM_QTG_DEVINIT Telnet exit program uses for the auto-sign-on operation is denied access to the function ID, the exit program will not run. The SSH server requires the ability to create a profile token using a special value for the password when using public key authentication. Users that are denied access to this function ID will only be able to connect using password authentication. Exit programs under exit point QIBM_QTMF_SVR_LOGON that request a sign-on using the *NOPWD special value will result in a failure if the associated user profile is denied access to the function ID. Operations that submit jobs indirectly, such as the job scheduler and spool readers, will fail if the user profile is denied access to the function ID.
QIBM_SERVICE_DISK_WATCHER	Denied	Not used	Disk Watcher	Collect disk watcher data using the following interfaces: Add Disk Watcher Definition (ADDDWDFN) command End Disk Watcher (ENDDW) command Remove Disk Watcher Definition (RMVDWDFN) command Start Disk Watcher (STRDW) command
QIBM_SERVICE_DUMP	Denied	Not used	Service dump	Dump information using the following interfaces: Collect Hung Job Service Documentation (QPDETHNG) API Copy From Main Storage Dump (CPYFRMMSD) command Copy To Main Storage Dump (CPYTOMSD) command Dump User Profile (DMPUSRPRF) command Perform Miscellaneous File System Functions (QP0FPTOS) API Print Internal Data (PRTINTDTA) command Log Software Error (QPDLOGER) API
QIBM_SERVICE_JOB_WATCHER	Denied	Used	Job watcher	Collect performance data using the following interfaces: Add Job Watcher Definition (ADDJWDFN) command End Job Watcher (ENDJW) command Remove Job Watcher Definition (RMVJWDFN) command Start Job Watcher (STRJW) command
QIBM_SERVICE_THREAD	Denied	Not used	Thread control	Retrieve information about threads of another job. Control thread (QTHMCTLT) API Retrieve thread attributes (QWTRTVTA) API
QIBM_SERVICE_TRACE	Denied	Not used	Service trace	Collect trace data when using the following interfaces: Add PEX Definition (ADDPEXDFN) command Add PEX Filter (ADDPEXFTR) command Add Trace Filter (ADDTRCFTR) command Change Communications Trace Configuration (QSCCHGCT) API Change Connection Attribute (QTOCCCNA) API Change PEX Definition (CHGPEXDFN) command Check Communications Trace (CHKCMNTRC) command Check Communications Trace (QSCCHKCT) API Create PEX Data (CRTPEXDTA) command Delete Communications Trace (DLTCMNTRC) command Delete PEX Data (DLTPEXDTA) command Delete Trace (DLTTRC) command Dump Communications Trace (DMPCMNTRC) command Dump Trace (DMPTRC) command End Communications Trace (ENDCMNTRC) command End Performance Explorer (ENDPEX) command End Trace (ENDTRC) command Join Trace (QSCJOINT)) API Work with TCP/IP Network Status (NETSTAT) command when enabling or disabling debug for a connection from the Work with IPv4 connection status panel or the Work with IPv6 connection status panel Print Communications Trace (PRTCMNTRC) command Print PEX Report (PRTPEXRPT) command Print Trace Data (PRTTRC) command Remove PEX Definition (RMVPEXDFN) command Remove PEX Filter (RMVPEXFTR) command Remove Trace Filter (RMVTRCFTR) command Retrieve Watch Information (QSCRWCHI) API Retrieve Watch List (QSCRWCHL) API Start Communications Trace (STRCMNTRC) command Start Performance Explorer (STRPEX) command Start Trace (STRTRC) command Trace Connection (TRCCNN) command Trace Internal (TRCINT) command Trace TCP Application (TRCTCPAPP) command WATCH_DETAIL table function WATCH_INFO view Work with PEX Definitions (WRKPEXDFN) command Work with PEX Filters (WRKPEXFTR) command Work with Traces (WRKTRC) command Work with Watches (WRKWCH) command
QIBM_SERVICE_WATCH	Denied	Not used	Service watch	Perform watch operations using the following watch interfaces: End Watch (ENDWCH) command End Watch (QSCEWCH) API Retrieve Watch Information (QSCRWCHI) API Retrieve Watch List (QSCRWCHL) API Start Watch (STRWCH) command Start Watch (QSCSWCH) API WATCH_DETAIL table function WATCH_INFO view Work with Watches (WRKWCH) command
QIBM_WATCH_ANY_JOB	Denied	Not used	Watch any job	Perform watch operations on any job using the following interfaces: End Watch (ENDWCH) command End Watch (QSCEWCH) API Start Communications Trace (STRCMNTRC) command Start Trace (STRTRC) command Start Watch (STRWCH) command Start Watch (QSCSWCH) API Trace Connection (TRCCNN) command Trace Internal (TRCINT) command Trace TCP Application (TRCTCPAPP) command

Table 2. Function IDs for TCP/IP connectivity utilities (5770TC1)
Function ID	Default authority (Allowed or Denied)	*ALLOBJ special authority (Used or Not used)	Function name	Description
QIBM_QTMF_CLIENT_ACCEPT_CERT	Denied	Not used	Allow Untrusted Certificate Prompt	FTP client allows FTP users to accept a server certificate that is not signed by a trusted certificate authority when building secure connections with the remote server.
QIBM_QTMF_CLIENT_REQ_0	Allowed	Not used	Initiate Session	Start an FTP client session. Must be allowed to do other client operations.
QIBM_QTMF_CLIENT_REQ_3	Allowed	Not used	Change Directory	Use of the client subcommand LCD to change the current directory.
QIBM_QTMF_CLIENT_REQ_6	Allowed	Not used	Send Files	Use of the client subcommands PUT, MPUT, and APPEND to send files.
QIBM_QTMF_CLIENT_REQ_7	Allowed	Not used	Receive Files	Use of the client subcommands GET and MGET to receive files.
QIBM_QTMF_CLIENT_REQ_9	Allowed	Not used	CL Commands	Use of the client subcommand SYSCMD to run CL commands.
QIBM_QTMF_CLIENT_REQ_10	Allowed	Not used	Clear Command Channel	Use of the client subcommand CCC to end encryption of the control connection.
QIBM_QTMF_SERVER_REQ_0	Allowed	Not used	Logon Server	Permission to log on to the FTP server. Must be allowed to use other server operations.
QIBM_QTMF_SERVER_REQ_1	Allowed	Not used	Create Directory/Library	Use of the server subcommand MKD to create directories.
QIBM_QTMF_SERVER_REQ_2	Allowed	Not used	Delete Directory/Library	Use of the server subcommand RMD to delete directories.
QIBM_QTMF_SERVER_REQ_3	Allowed	Not used	Change Directory	Use of the server subcommand CWD to change current directory.
QIBM_QTMF_SERVER_REQ_4	Allowed	Not used	List Files	Use of the server subcommands LIST and NLST.
QIBM_QTMF_SERVER_REQ_5	Allowed	Not used	Delete Files	Use of the server subcommand DELE to delete files.
QIBM_QTMF_SERVER_REQ_6	Allowed	Not used	Send Files	Use of the server subcommand RETR to send files to client.
QIBM_QTMF_SERVER_REQ_7	Allowed	Not used	Receive Files	Use of the server subcommands STOR, STOU,and APPE to receive files from client.
QIBM_QTMF_SERVER_REQ_8	Allowed	Not used	Rename Files	Use of the server subcommands RNFR and RNTO to rename files.
QIBM_QTMF_SERVER_REQ_9	Allowed	Not used	CL Commands	Use of the server subcommand RCMD to run CL commands.
QIBM_QTMF_SERVER_REQ_10	Denied	Not used	Clear Command Channel	Use of the server subcommand CCC to end encryption of the control connection.
QIBM_QTMS_SERVER_REQ_0	Allowed	Not used	Send E-mail	Mail operations using the following interfaces: Create and Send MIME E-mail (QtmsCreateSendEmail) API Send MIME Mail (QtmmSendMail) API Send SMTP E-mail Message (SNDSMTPEMM) command Work with SMTP E-mail Messages (WRKSMTPEMM) command Controls whether the IBM i SMTP server allows or restrict the ability of the user passed by SMTP client to do authentication verification.

Table 3. Function IDs for Backup, Recovery, and Media Services for IBM i (BRMS) (5770BR2). For more information see the Set User Usage for BRM (SETUSRBRM) command and the Backup, Recovery, and Media Services (BRMS) topic.
Function ID	Default authority (Allowed or Denied)	*ALLOBJ special authority (Used or Not used)	Function name	Description
QIBM_Q1A_ARC	Denied¹	Not used	Basic archive activities	Perform basic archive activities using the following interfaces: Display Log for BRM (DSPLOGBRM) command TYPE(ARC) Start Archive using BRM (STRARCBRM) command Work with Lists using BRM (WRKLBRM) command TYPE(ARC) Work with Policies using BRM (WRKPCYBRM) command TYPE(*ARC)
QIBM_Q1A_ARC_CTLG_BRM_XXXXXXXXXX²	Denied¹	Not used	Archive control group	Perform create, edit, delete, or execute activities for individual archive control group names using the following interfaces: Start Archive using BRM (STRARCBRM) command Work with Archive Control Groups (WRKCTLGBRM) command TYPE(*ARC)
QIBM_Q1A_ARC_CTLG_BRM.XXXXXXXXXX³	Denied¹	Not used	Archive control group
QIBM_Q1A_ARC_PCY	Denied¹	Not used	Archive policy	Change the Archive Policy used by Archive Control using the following interface: Work with Policies using BRM (WRKPCYBRM) command TYPE(*ARC)
QIBM_Q1A_BKU	Denied¹	Not used	Basic backup activities	Perform basic backup activities using the following interfaces: Analyze Libraries using BRM (ANZLIBBRM) command BRMS Control Group APIs Display Backup Plan using BRM (DSPBKUBRM) command Display Log for BRM (DSPLOGBRM) command TYPE(BKU) Monitor Save While Active (MONSWABRM) command Print Report using BRM (PRTRPTBRM) command Save Object using BRM (SAVBRM) command Save DLO using BRM (SAVDLOBRM) command Save Folder List using BRM (SAVFLRLBRM) command Save Library using BRM (SAVLIBBRM) command Save Media Info using BRM (SAVMEDIBRM) command Save Object using BRM (SAVOBJBRM) command Save Object List using BRM (SAVOBJLBRM) command Save Save Files using BRM (SAVSAVFBRM) command Save System using BRM (SAVSYSBRM) command Start Backup using BRM (STRBKUBRM) command Start Subsystems using BRM (STRSBSBRM) command Work with Control Groups (WRKCTLGBRM) command Work with Lists using BRM (WRKLBRM) command TYPE(BKU)
QIBM_Q1A_BKU_PCY	Denied¹	Not used	Backup policy	Change the Archive Policy used by Archive Control Groups using the following interface: Work with Policies using BRM (WRKPCYBRM) command TYPE(*BKU)
QIBM_Q1A_BKU_CTLG_BRM_XXXXXXXXXX²	Denied¹	Not used	Backup control group	Perform create, edit, delete, or execute activities for individual backup control group names using the following interfaces: Start Backup using BRM (STRBKUBRM) command Work with Backup Control Groups (WRKCTLGBRM) command TYPE(*BKU)
QIBM_Q1A_BKU_CTLG_BRM.XXXXXXXXXX³	Denied¹	Not used	Backup control group
QIBM_Q1A_BKU_LIST_XXXXXXXXXX²	Denied¹	Not used	List name	Perform create, edit, delete, or execute activities for individual backup list name using the following interface: Work with Lists using BRM (WRKLBRM) command
QIBM_Q1A_ENT	Denied¹	Not used	BRMS Enterprise	Perform BRMS enterprise activities using BRMS Enterprise.
QIBM_Q1A_MED	Denied¹	Not used	Basic media activities	Perform basic media activities using the following interfaces: Add Media to BRM (ADDMEDBRM) command Add Media Information to BRM (ADDMEDIBRM) command Add Media Library Media to BRM (ADDMLMBRM) command Change Media using BRM (CHGMEDBRM) command Check Expired Media for BRM (CHKEXPBRM) command Copy Media Info for BRM (CPYMEDIBRM) command Display Duplicate Media (DSPDUPBRM) command Display Log for BRM (DSPLOGBRM) command TYPE(MED) Duplicate Media using BRM (DUPMEDBRM) command Extract Media Information (EXTMEDIBRM) command Initialize Media using BRM (INZMEDBRM) command Move Spooled Files using BRM (MOVSPLFBRM) command Print Labels using BRM (PRTLBLBRM) command Print Media Exceptions for BRM (PRTMEDBRM) command Remove Media Volumes from BRM (RMVMEDBRM) command Remove Media Info from BRM (RMVMEDIBRM) command Set Media Controls using BRM (SETMEDBRM) command Start Media Balancing for BRM (STRBALBRM) command Start Expiration for BRM (STREXPBRM) command Work with Classes using BRM (WRKCLSBRM) command TYPE(MED) Work with Saved Folders (WRKFLRBRM) command Work with Link Information (WRKLNKBRM) command Work with Media using (WRKMEDBRM) command Work with Media Information (WRKMEDIBRM) command Work with Media Libraries (WRKMLBBRM) command Work with Saved Objects (WRKOBJBRM) command Work with Policies using BRM (WRKPCYBRM) command TYPE(*MED) Work with Save Files (WRKSAVFBRM)) command Work with Saved Spooled Files (WRKSPLFBRM) command
QIBM_Q1A_MED_ADV	Denied¹	Not used	Advanced media activities	Expire, change, remove, register, or initialize media using the following interface: Work with Media using (WRKMEDBRM) command
QIBM_Q1A_MED_INF	Denied¹	Not used	Media information	Change or remove media information using the following interface: Work with Media using (WRKMEDBRM) command
QIBM_Q1A_MED_CLS_XXXXXXXXXX²	Denied¹	Not used	Media class	Perform create, edit, delete activities for individual media class name using the following interface: Work with Classes using BRM (WRKCLSBRM) command TYPE(*MED)
QIBM_Q1A_MED_PCY_XXXXXXXXXX²	Denied¹	Not used	Media policy	Perform create, edit, delete activities for individual media policy name using the following interface: Work with Media Policies (WRKPCYBRM) command TYPE(*MED)
QIBM_Q1A_MGR	Denied¹	Not used	Basic migration activities	Perform basic migration activities using the following interfaces: Display Log for BRM (DSPLOGBRM) command TYPE(MGR) Migrate using BRM (MGRBRM) command Start Migration using BRM (STRMGRBRM) command Work with Lists using BRM (WRKLBRM) command TYPE(MGR) Work with Migration Info (WRKMGRIBRM) command Work with Policies using BRM (WRKPCYBRM) command TYPE(*MGR)
QIBM_Q1A_MGR_INF	Denied¹	Not used	Migration information	Change or remove migration information using the following interface: Work with Migration Info (WRKMGRIBRM) command
QIBM_Q1A_MGR_PCY	Denied¹	Not used	Migration policy	Change the migration policy used for migrating data using the following interface: Work with Policies using BRM (WRKPCYBRM) command TYPE(*MGR)
QIBM_Q1A_MGR_CTLG_BRM_XXXXXXXXXX²	Denied¹	Not used	Migration control group	Perform create, edit, delete, or execute activities for individual migration control group names using the following interfaces: Start Migration using BRM (STRMGRBRM) command Work with Migration Control Groups (WRKCTLGBRM) command TYPE(*MGR)
QIBM_Q1A_MGR_CTLG_BRM.XXXXXXXXXX³	Denied¹	Not used	Migration control group
QIBM_Q1A_MOV	Denied¹	Not used	Basic movement activities	Perform basic movement activities using the following interfaces: Move Media using BRM (MOVMEDBRM) command Print Media Movement (PRTMOVBRM) command Verify Moves using BRM (VFYMOVBRM) command Work with Calendars using BRM (WRKCALBRM) command Work with Classes using BRM (WRKCLSBRM) command TYPE(CNR) Work with Containers using BRM (WRKCNRBRM) command Work with Locations using BRM (WRKLOCBRM) command Work with Policies using BRM (WRKPCYBRM) command TYPE(MOV)
QIBM_Q1A_MOV_VFY	Denied¹	Not used	Move verification	Verify media volume movement using the following interface: Verify Moves using BRM (VFYMOVBRM) command
QIBM_Q1A_MOV_PCY_XXXXXXXXXX²	Denied¹	Not used	Move policy	Perform create, edit, delete activities for individual move policy name using the following interface: Work with Move Policies (WRKPCYBRM) command TYPE(*MOV)
QIBM_Q1A_RCY	Denied¹	Not used	Basic recovery activities	Perform basic recovery activities using the following interfaces: Restore Authority using BRM (RSTAUTBRM) command Restore Object using BRM (RSTBRM) command Restore DLO using BRM (RSTDLOBRM) command Restore Library using BRM (RSTLIBBRM) command Restore Object using BRM (RSTOBJBRM) command Start Recovery using BRM (STRRCYBRM) command Display Log for BRMS (DSPLOGBRM) command Work with Policies using BRM (WRKPCYBRM) command TYPE(*RCY) Work with Recovery Activities (WRKRCYBRM) command
QIBM_Q1A_RCY_PCY	Denied¹	Not used	Recovery policy	Change the Recovery Policy used by any restore BRMS process using the following interface: Work with Policies using BRM (WRKPCYBRM) command TYPE(*RCY)
QIBM_Q1A_RTV	Denied¹	Not used	Basic retrieval activities	Perform basic retrieval activities using the following interfaces: Display Log for BRMS (DSPLOGBRM) command TYPE(RTV) Resume Retrieve using BRM (RSMRTVBRM) command Set Retrieve Controls for BRM (SETRTVBRM) command Work with Policies using BRM (WRKPCYBRM) command TYPE(RTV)
QIBM_Q1A_RTV_PCY	Denied¹	Not used	Retrieve policy	Change the Retrieve Policy used during the retrieve process using the following interface: Work with Policies using BRM (WRKPCYBRM) command TYPE(*RTV)
QIBM_Q1A_INZBRM	Denied¹	Not used	Initialize BRM	Perform initialization using the following interface: Initialize BRMS (INZBRM) command
QIBM_Q1A_SYS	Denied¹	Not used	Basic activities	Perform system related functions using the following interfaces: Change Job Scheduler (CHGSCDBRM) command Display ASP Information (DSPASPBRM) command Remove Log Entries from BRM (RMVLOGEBRM) command Start Maintenance for BRM (STRMNTBRM) command Work with ASP Descriptions (WRKASPBRM) command Work with Classes using BRM (WRKCLSBRM) command TYPE(ASP) Work with Devices using BRM (WRKDEVBRM) command Work with Media Library Media (WRKMLMBRM) command Work with Policies using BRM (WRKPCYBRM) command TYPE(SYS)
QIBM_Q1A_SYS_ASP	Denied¹	Not used	Auxiliary Storage Pools (ASP)	Work with ASPs using the following interface: Work with ASP Descriptions (WRKASPBRM) command
QIBM_Q1A_SYS_DEV	Denied¹	Not used	Devices	Work with devices using the following interface: Work with Devices using BRM (WRKDEVBRM) command
QIBM_Q1A_SYS_MNT	Denied¹	Not used	Maintenance	Perform BRMS maintenance using the following interface: Start Maintenance for BRM (STRMNTBRM) command
QIBM_Q1A_SYS_PCY	Denied¹	Not used	System policy	Change the System Policy for overall BRMS system management using the following interface: Work with Policies using BRM (WRKPCYBRM) command TYPE(*SYS)
¹ The default authority is Denied after a new install of release 7.5. The default authority is Allowed after a new install of a release previous to 7.5. The default authority will not change on an upgrade. ² This function ID is used for a named item that was created by a user. The XXXXXXXXXX is replaced with the specific item name. ³ This function ID is used for a BRMS generated special value item name that begins with ''. The XXXXXXXXX is replaced with the generated item name without the ''.

Table 4. Function IDs for IBM i Access Client Solutions (ACS) (5733XJ1) created when ACS is registered using IBM Navigator for i (Security > Function Usage > Actions > Register/Unregister applications...). ACS also uses some of the function IDs created for Heritage IBM Navigator for i.
Function ID	Default authority (Allowed or Denied)	*ALLOBJ special authority (Used or Not used)	Function name	Description
QIBM_XE1_5250	Allowed	Used	5250 Display and Printer Emulator	Provides support for PC clients to work with the server using a 5250 emulator.
QIBM_XE1_DDWNLD_AO	Allowed	Used	ActiveX Automation Downloads	Provides support to download server data using ActiveX Automation Objects.
QIBM_XE1_DDWNLD_AUTO	Allowed	Used	Autostart Downloads	Provides support to download server data using auto-start and auto-close.
QIBM_XE1_DDWNLD_EXCEL	Allowed	Used	Excel Add-in Downloads	Provides support to download server data using the Data Transfer Excel Add-in.
QIBM_XE1_DDWNLD_GUI	Allowed	Used	GUI Downloads	Provides support to download server data using the Data Transfer user interface.
QIBM_XE1_DDWNLD_RTOPCB	Allowed	Used	Use of RTOPCB	Provides support to download server data using the Data Transfer command line interface.
QIBM_XE1_DOT_NET	Allowed	Used	.NET Data Provider	Provides access to Db2 UDB for IBM i databases for .NET development.
QIBM_XE1_DUPLD_AO	Allowed	Used	ActiveX Automation Uploads	Provides support to upload data using ActiveX Automation Objects.
QIBM_XE1_DUPLD_APPREP	Allowed	Used	Appending or Replacing Host Files	Provides support to append to server files or replace server file members.
QIBM_XE1_DUPLD_AUTO	Allowed	Used	Autostart Uploads	Provides support to upload data using auto-start and auto-close.
QIBM_XE1_DUPLD_CRTF_BASED	Allowed	Used	File Creation Based on Existing Server Files	Provides support to create server Database files based on existing server files.
QIBM_XE1_DUPLD_EXCEL	Allowed	Used	Excel Add-in Uploads	Provides support to upload server data using the Data Transfer Excel Add-in.
QIBM_XE1_DUPLD_GUI	Allowed	Used	GUI Uploads	Provides support to upload data using the Data Transfer user interface.
QIBM_XE1_DUPLD_RFROMPCB	Allowed	Used	Use of RFROMPCB	Provides support to upload data using the Data Transfer command line interface.
QIBM_XE1_DUPLD_WIZ_CRTF	Allowed	Used	File Creation Based on PC File or Excel Spreadsheet	Provides support to create server Database files based on a PC file or Excel spreadsheet.
QIBM_XE1_ODBC	Allowed	Used	ODBC Support	Provides access to server data using the ODBC driver.
QIBM_XE1_OLEDB	Allowed	Used	OLE DB Provider	Provides access to server tables, data queues, programs, and commands.
QIBM_XE1_RMTCMD	Allowed	Used	Remote Command - Command Line	Provides support to run commands on a server from the Windows command line.

Table 5. Function IDs for IBM Navigator for i
Function ID	Default authority (Allowed or Denied)	*ALLOBJ special authority (Used or Not used)	Function name	Description
QIBM_NAV_ALL_FUNCTION	Denied	Used	Use of all IBM Navigator for i functions	Use of all Navigator for i functions.
QIBM_NAV_CONF_SRV	Allowed	Used	Configuration and Service	Configuration and service function of Navigator for i.
QIBM_NAV_CUSTOM_CHARTS	Allowed	Used	Custom charts	Custom charts function of Navigator for i.
QIBM_NAV_FILE_SYSTEM	Allowed	Used	File system	File system function of Navigator for i.
QIBM_NAV_MONITORS	Allowed	Used	Monitors	Monitor function of Navigator for i.
QIBM_NAV_NETWORK	Allowed	Used	Network	Network function of Navigator for i.
QIBM_NAV_PDI	Allowed	Used	Performance	Performance function of Navigator for i.
QIBM_NAV_SECURITY	Allowed	Used	Security	Security function of Navigator for i.
QIBM_NAV_SERVICEABILITY	Denied	Used	Serviceability	Serviceability function of Navigator for i.
QIBM_NAV_SYSTEM	Allowed	Used	System	System function of Navigator for i.
QIBM_NAV_USERS_GROUPS	Allowed	Used	Users and groups	Users and groups function of Navigator for i.
QIBM_NAV_WRK_MGT	Allowed	Used	Work management	Work management function of Navigator for i.

Table 6. Function IDs for IBM i Common Information Model server (CIMOM) (5770UME)
Function ID	Default authority (Allowed or Denied)	*ALLOBJ special authority (Used or Not used)	Function name	Description
QIBM_QUME_CIMOM_METRIC	Denied	Used	Access to the CIM Performance Provider	Permission to access the performance data by Metric provider.
QIBM_QYCM_CIMOM_CREATE_CLASS	Denied	Used	Create class	Permission to create a class.
QIBM_QYCM_CIMOM_DELETE_CLASS	Denied	Used	Delete class	Permission to delete a class.
QIBM_QYCM_CIMOM_ENUM_CLASS	Allowed	Used	Enumerate classes	Permission to retrieve a list of classes.
QIBM_QYCM_CIMOM_ENUM_CLASS_NAM	Allowed	Used	Enumerate class names	Permission to retrieve a list of class names.
QIBM_QYCM_CIMOM_GET_CLASS	Allowed	Used	Get class	Permission to retrieve a class
QIBM_QYCM_CIMOM_MODIFY_CLASS	Denied	Used	Modify class	Permission to modify a class.
QIBM_QYCM_CIMOM_DELETE_QUAL	Denied	Used	Delete qualifier	Permission to delete a qualifier.
QIBM_QYCM_CIMOM_ENUM_QUAL	Allowed	Used	Enumerate Qualifiers	Permission to retrieve a list of qualifiers.
QIBM_QYCM_CIMOM_GET_QUAL	Allowed	Used	Get Qualifier	Permission to retrieve a qualifier.
QIBM_QYCM_CIMOM_SET_QUAL	Denied	Used	Set Qualifier	Permission to set a qualifier.

Table 7. Function IDs for Heritage IBM Navigator for i created when Heritage Navigator for i is registered using IBM Navigator for i (Security > Function Usage > Actions > Register/Unregister applications...). These function IDs are no longer used by Heritage Navigator but some are still used by ACS.
Function ID	Default authority (Allowed or Denied)	*ALLOBJ special authority (Used or Not used)	Function name	Description
QIBM_XD1_OPNAV_ALLFUNC	Allowed	Used	Use of IBM Navigator for i functions	Control the access of all IBM Navigator for i functions.
QIBM_XD1_OPNAV_ALLTSKIFS	Allowed	Used	Integrated File System Tasks	Integrate File System Tasks.
QIBM_XD1_OPNAV_AUTHLIST	Allowed	Used	Authorization Lists	Create and maintain authorization lists.
QIBM_XD1_OPNAV_BRMS	Allowed	Used	Backup, Recovery and Media Services	Backup, Recovery and Media Services.
QIBM_XD1_OPNAV_CHGPASS	Allowed	Used	Change Password	Change Password.
QIBM_XD1_OPNAV_CRYPTO	Allowed	Used	Cryptographic Services Key Management	Manage cryptographic master keys and key stores.
QIBM_XD1_OPNAV_DASHBOARD	Allowed	Used	Dashboard	Dashboard.
QIBM_XD1_OPNAV_DBLIBS	Allowed	Used	Schemas	Work with Db2 UDB objects.
QIBM_XD1_OPNAV_DSKMGT	Allowed	Used	Disk Management	Disk Management.
QIBM_XD1_OPNAV_FSQDLS	Allowed	Used	QDLS	Work with files in the QDLS integrated file system.
QIBM_XD1_OPNAV_FSQFILESVR	Allowed	Used	QFileSvr.400	Work with files in the QFileSvr.400 integrated file system.
QIBM_XD1_OPNAV_FSQLANSRV	Allowed	Used	QLANSrv	Work with files in the QLANSrv integrated file system.
QIBM_XD1_OPNAV_FSQNETWARE	Allowed	Used	QNetWare	Work with files in the QNetWare integrated file system.
QIBM_XD1_OPNAV_FSQNTC	Allowed	Used	QNTC	Work with files in the QNTC integrated file system.
QIBM_XD1_OPNAV_FSQOPENSYS	Allowed	Used	QOpenSys	Work with files in the QOpenSys integrated file system.
QIBM_XD1_OPNAV_FSQOPT	Allowed	Used	QOPT	Work with files in the QOPT integrated file system.
QIBM_XD1_OPNAV_FSQSYSLIB	Allowed	Used	QSYS.LIB	Work with files in the QSYS.LIB integrated file system.
QIBM_XD1_OPNAV_FSROOT	Allowed	Used	Root	Work with files in the Root integrated file system.
QIBM_XD1_OPNAV_HARDINV	Allowed	Used	Hardware	Displays the hardware on the server.
QIBM_XD1_OPNAV_HASM	Allowed	Used	High Availability Solutions Manager	High Availability Solutions Manager.
QIBM_XD1_OPNAV_INTERNET	Allowed	Used	Internet	Access to Internet applications.
QIBM_XD1_OPNAV_IPSECURITY	Allowed	Used	IP Policies	Configure TCP/IP Security.
QIBM_XD1_OPNAV_JOBMGMT	Allowed	Used	Jobs	Work with jobs.
QIBM_XD1_OPNAV_MESSAGES	Allowed	Used	Messages	Work with messages.
QIBM_XD1_OPNAV_MSGQ	Allowed	Used	Message Queues	Work with messages queues.
QIBM_XD1_OPNAV_NETCONFIG	Allowed	Used	Internet Configurations	Internet Configurations.
QIBM_XD1_OPNAV_NETSVR	Allowed	Used	IBM i Server	Information of IBM i server.
QIBM_XD1_OPNAV_OMNIFIND	Allowed	Used	OmniFind	OmniFind.
QIBM_XD1_OPNAV_PARTMGT	Allowed	Used	Partition Management	Partition Management.
QIBM_XD1_OPNAV_PERMISSION	Allowed	Used	Permission	Permission configuration.
QIBM_XD1_OPNAV_POWERHA	Allowed	Used	PowerHA®	PowerHA.
QIBM_XD1_OPNAV_PRINTERS	Allowed	Used	Printers	Manage printers.
QIBM_XD1_OPNAV_PRINTOUT	Allowed	Used	Printer Output	Work with printer output.
QIBM_XD1_OPNAV_PROTOCOL	Allowed	Used	TCP/IP Configuration	Set up and manage TCP/IP communications.
QIBM_XD1_OPNAV_PTTOPT	Allowed	Used	Remote Access Services	Manage point-to-point communication for the server.
QIBM_XD1_OPNAV_SECPOLICY	Allowed	Used	Policies	Maintain security policies.
QIBM_XD1_OPNAV_SERVERS	Allowed	Used	Servers	Set up and monitor network servers.
QIBM_XD1_OPNAV_SOFTINV	Allowed	Used	Software	Displays the software for the server.
QIBM_XD1_OPNAV_TMPSTGDTL	Allowed	Used	Temporary Storage Details	Temporary Storage Details.
QIBM_XD1_OPNAV_USRGRP	Allowed	Used	Users and Groups	Manage IBM i users and user groups.
QIBM_XE1_OPNAV_5250	Allowed	Used	5250 Emulation	5250 Emulation session.
QIBM_XE1_OPNAV_ACTJOB	Allowed	Used	Active Jobs	Work with active jobs.
QIBM_XE1_OPNAV_AFPMGR	Allowed	Used	AFP Manager	Manage AFP resources, PSF configurations, and font tables.
QIBM_XE1_OPNAV_AJS	Allowed	Used	Advanced Job Scheduler	Advanced Job Scheduler.
QIBM_XE1_OPNAV_APPADMIN	Allowed	Used	Application Administration	Display the functions or applications available to users on this server.
QIBM_XE1_OPNAV_DBOMNIFIND	Allowed	Used	OmniFind Text Search	OmniFind Text Search.
QIBM_XE1_OPNAV_DBSQLPCS	Allowed	Used	SQL Plan Cache Snapshots	Access the system plan cache and create snapshots of the plan cache.
QIBM_XE1_OPNAV_DBSQLPM	Allowed	Used	SQL Performance Monitors	Monitor server SQL performance.
QIBM_XE1_OPNAV_DBXACT	Allowed	Used	Transactions	Work with transactions on the server.
QIBM_XE1_OPNAV_DSKSTS	Allowed	Used	Disk Status	Display the current disk status.
QIBM_XE1_OPNAV_DSKWATCH	Allowed	Used	Disk Watcher	Disk Watcher
QIBM_XE1_OPNAV_EIM	Allowed	Used	Enterprise Identity Mapping	Set up Enterprise Identity Mapping and participate in an EIM domain.
QIBM_XE1_OPNAV_FSNETSRV	Allowed	Used	File Shares	Work with shared files set up with IBM i Netserver.
QIBM_XE1_OPNAV_HISTLOG	Allowed	Used	History Log	Display the history log.
QIBM_XE1_OPNAV_IBMISVC	Allowed	Used	IBM i Services	Work with IBM i services.
QIBM_XE1_OPNAV_IDS	Allowed	Used	Intrusion Detection	Configure, manage, and monitor intrusion detection on the system.
QIBM_XE1_OPNAV_INVDTA	Allowed	Used	Investigate Data	Investigate data tasks.
QIBM_XE1_OPNAV_JOBD	Allowed	Used	Job Descriptions	Work with job descriptions.
QIBM_XE1_OPNAV_JOBQUE	Allowed	Used	Job Queues	Work with job queues.
QIBM_XE1_OPNAV_JOBWATCH	Allowed	Used	Job Watcher	Job Watcher
QIBM_XE1_OPNAV_JOURNAL	Allowed	Used	Journal	Journaling on the IBM i.
QIBM_XE1_OPNAV_MEMPOOL	Allowed	Used	Memory Pools	Work with memory pools.
QIBM_XE1_OPNAV_MNGCOL	Allowed	Used	Manage Collections	Work with collections.
QIBM_XE1_OPNAV_MSGMON	Allowed	Used	Message Monitors	Work with message monitors.
QIBM_XE1_OPNAV_NETAS	Allowed	Used	Network Authentication Service	Set up Kerberos.
QIBM_XE1_OPNAV_OUTQUES	Allowed	Used	Output Queues	Work with output queues.
QIBM_XE1_OPNAV_PTFS	Allowed	Used	PTFs	Displays PTFs on the system.
QIBM_XE1_OPNAV_RUNCMD	Allowed	Used	Run Command	Run an IBM i CL Command.
QIBM_XE1_OPNAV_SRVJOB	Allowed	Used	Server Jobs	Work with server jobs.
QIBM_XE1_OPNAV_SUBSYS	Allowed	Used	Subsystems	Work with subsystems.
QIBM_XE1_OPNAV_SYSMON	Allowed	Used	System Monitors	Work with system monitors.
QIBM_XE1_OPNAV_SYSOPRMSGS	Allowed	Used	System Operator Messages	System operator messages.
QIBM_XE1_OPNAV_SYSSTS	Allowed	Used	System Status	Displays current system status.
QIBM_XE1_OPNAV_SYSVAL	Allowed	Used	System Values and Time Management	Work with system values.
QIBM_XE1_OPNAV_WINADM	Allowed	Used	Integrated Server Administration	Manage integrated servers.

Table 8. Obsolete function IDs
These function IDs are no longer used:
QIBM_QINAV_WEB_CONFIGURE QIBM_QINAV_WEB_FUNCTIONS QIBM_QINAV_WEB_INTERFACE	QIBM_QZHB_HTTPSERVERADMIN QIBM_QZHB_HTTPSERVERDEFAULT