The PEM client can be any APPC logical unit (LU) or node that
is capable of initiating a conversation with the architected sign-on
transaction. However,
the benefits of using APPC PEM are increased when using an LU or node
that does not have its own ESM; for example, a programmable workstation.
APPC PEM enables users of such LUs or nodes to manage their password
values within the ESM used by CICS®. The PEM client is linked
to a PEM server.
A PEM server
The PEM server can be any APPC LU that supports APPC PEM. This
information describes the PEM server provided by CICS Transaction Server for z/OS®,
Version 5 Release 3.
It is referred to in the rest of this book as the CICS PEM server.
An external security manager
An external security manager, such as RACF®,
or an equivalent ESM, must be available to the PEM server.
The PEM client (requester) and the PEM server are linked
by an APPC session. This
configuration is shown in Figure 1 .
Figure 1. APPC PEM configuration
