CICS PEM server processing

The CICS PEM server performs the following processing:
  1. Accepts the userid and password, with optional new password, from the sign-on PEM client.
  2. Tries to validate the user with its ESM.
    If the userid and password are valid and the password has not expired, the CICS PEM server extracts the following information from its ESM:
    • Date and time of the last successful sign-on
    • Data and time the password will expire (calculated by data extracted from the ESM by the CICS PEM server itself)
    • Number of unsuccessful sign-on attempts since the last successful sign-on.
  3. Returns a response to the PEM client, indicating whether the sign-on was succeeded or failed, and the reason for any failure:
    Status           = (X'00') OK
    Date-Time        = Current date and time
    Last-Date-Time   = Date and time of previous successful sign-on
    Expiry-Date-Time = Date and time password will expire
    Revoke-Count     = Number of unsuccessful sign-on attempts made with
                       this userid since the previous successful sign-on
    For detailed information about the response, see PEM client input and output data.
    Note: The ESM increments the revoke count whenever it processes an invalid sign-on attempt. The sign-on request may originate from a non-CICS system (for example, a TSO user).

    If sign-on is unsuccessful, CICS returns to the PEM client a sign-on completion status value and, if appropriate, a formatting error value. See PEM client input and output data for more information.

  4. If PV is being used (either ATTACHSEC=PERSISTENT or ATTACHSEC=MIXIDPE is specified on the CONNECTION definition), and sign-on is successful, adds the user's name to the PV signed-on-from list.