CA IDMS supports both internal and external security, at various levels. Managing user and group definitions can be done in various ways and can be implemented with different levels of authorization.
When users are secured, any access to userids is limited by the security held by the user trying to access them. There are no errors issued for a display, but the user will only see what they have authority to see. If a user does not have any authority, the attempts to DIPLAY a user, or DISPLAY ALL USERS, will yield no rows found and with no error message.
Any CA IDMS environment with internal security.
First, if the goal is to secure access to user and group definitions, then RESTYPE=USER should be secured in your SRTT. This is recommended because you don't want just anyone to go out and mess with your user definitions. SYSADMIN should also be secured, because that controls who will have this important level of access.
When users are secured, any access to userids is limited by the security held by the user trying to access them. There are no errors issued for a display, but the user will only see what they have authority to see. If the issuing user has not been granted access to any userids, or any global level of authority, then they will see nothing; that is the way this is designed to work. There are a few levels of security involved here, so you have a few options, depending on what you want users to be able to do:
Details on Security commands and concepts can be found in the CA IDMS Security Administration guide.
Release: IDADSO00100-18.5-ADS-for CA-IDMS