To use APPC PEM, you need a PEM client, a PEM server, and an external security
manager.
A PEM client
The PEM client can be any APPC logical unit (LU) or node that is capable of initiating a
conversation with the architected sign-on transaction. However, the benefits of using APPC PEM are
increased when using an LU or node that does not have its own ESM; for example, a programmable
workstation. APPC PEM enables users of such LUs or nodes to manage their password values within the
ESM used by CICS®. The
PEM client is linked to a PEM server.
A PEM server
The PEM server can be any APPC LU that supports APPC PEM. This information describes the PEM
server provided by CICS Transaction Server for z/OS®, Version 5 Release 6. It is
referred to in the rest of this book as the CICS PEM
server.
An external security manager
An external security manager, such as RACF®, or an equivalent ESM, must be available to the PEM server.
The PEM client (requester) and the PEM server are linked by an APPC session. This configuration
is shown in Figure 1 . Figure 1. APPC PEM
configuration