The easiest way to secure ODBC access to CA-IDMS data is with TASK-level security.
Release: All supported releases.
Component: IDMS Server
Enable task-level security internally in RHDCSRTT:
#SECRTT TYPE=ENTRY,SECBY=INT,RESTYPE=TASK
Create a RESOURCE CATEGORY in OCF with the appropriate tasks:
CREATE RESOURCE CATEGORY ODBC_AUTH
    ADD TASK CASERVER
    ADD TASK IDMSJSRV
    ;
If you are using protocol CCI, task CASERVER must be included (shown above).
If you are using protocol IDMS (the "wire" protocol), then whichever TASK is specified on the PARM IS clause of your bulk PTERM must be included. This is normally IDMSJSRV, as shown here:
ADD PTERM TCPJSRV
    ENABLED
    IN LINE TCPIP
    MAXIMUM ERRORS IS 3
    PRINTER CLASS IS 1
    READBUFFER
    TYPE IS LISTENER
    TASK IS RHDCNP3J MODE IS SYSTEM
    PORT IS 3799
    BACKLOG IS 100
    IP STACK NAME IS TCPIP99
    PARM IS
        'TASK=IDMSJSRV'
    MAXIMUM NUMBER OF CONNECTIONS IS OFF
    .
Also, if you are using the IDMS protocol, you must completely unsecure task RHDCNP3J, because the line driver invokes it before the user ID and password are received. To do this, create a RESOURCE CATEGORY for the task and grant EXECUTE on it to PUBLIC:
CREATE RESOURCE CATEGORY RHDCNP3J
    ADD TASK RHDCNP3J
    ;
GRANT EXECUTE ON CATEGORY RHDCNP3J
    TO PUBLIC;
Once these security definitions are in place, you can grant individual users (or groups) access to execute the ODBC tasks:
GRANT EXECUTE ON CATEGORY ODBC_AUTH
    TO JOHN_SMITH;
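As an added example (not part of the original article and not CA IDMS code), the following Python check reads a saved copy of the definitions above and reports where they disagree with the rules described here: the listener task must be executable by PUBLIC, and the PARM task must be in a resource category that is not granted to PUBLIC. The function name audit, the SAMPLE text (constructed from this page's statements) and the assumption that statements are laid out as shown on this page are all choices made for this example.

```python
import re

# Constructed sample: the definitions shown on this page, trimmed and joined.
SAMPLE = """\
CREATE RESOURCE CATEGORY ODBC_AUTH
ADD TASK CASERVER
ADD TASK IDMSJSRV
;
ADD PTERM TCPJSRV
TASK IS RHDCNP3J MODE IS SYSTEM
PARM IS
'TASK=IDMSJSRV'
.
CREATE RESOURCE CATEGORY RHDCNP3J
ADD TASK RHDCNP3J
;
GRANT EXECUTE ON CATEGORY RHDCNP3J
TO PUBLIC;
GRANT EXECUTE ON CATEGORY ODBC_AUTH
TO JOHN_SMITH;
"""

F = re.I | re.S | re.M

def audit(text):
    """Return a list of findings; an empty list means the definitions agree."""
    cats = {n.upper(): {t.upper() for t in re.findall(r"ADD TASK\s+(\w+)", body, F)}
            for n, body in re.findall(r"CREATE RESOURCE CATEGORY\s+(\w+)(.*?);", text, F)}
    public = {c.upper() for c, who in
              re.findall(r"GRANT EXECUTE ON CATEGORY\s+(\w+)\s+TO\s+([^;]+);", text, F)
              if "PUBLIC" in who.upper().split()}
    findings = []
    for name, body in re.findall(r"ADD PTERM\s+(\w+)(.*?)^\s*\.\s*$", text, F):
        listener = re.search(r"^\s*TASK IS\s+(\w+)", body, F)
        odbc = re.search(r"'TASK=(\w+)'", body, F)
        if listener:
            task = listener.group(1).upper()
            # The line driver runs this task before any credentials arrive.
            if not any(task in cats.get(c, ()) for c in public):
                findings.append(f"{name}: listener task {task} is not executable by PUBLIC")
        if odbc:
            task = odbc.group(1).upper()
            holders = [c for c in cats if task in cats[c]]
            if not holders:
                findings.append(f"{name}: PARM task {task} is in no resource category")
            for c in holders:
                if c in public:
                    findings.append(f"{name}: category {c} with {task} is granted to PUBLIC")
    return findings
```

Calling audit(SAMPLE) returns an empty list for the definitions on this page; each finding string names the PTERM and the task or category that needs attention.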