The CICS PEM server performs the following processing:
- Accepts the userid and password, with optional new password, from the
sign-on PEM client.
- Tries to validate the user with its ESM.
If the userid and password
are valid and the password has not expired, the CICS PEM server extracts the
following information from its ESM:
- Date and time of the last successful sign-on
- Data and time the password will expire (calculated by data extracted from
the ESM by the CICS PEM server itself)
- Number of unsuccessful sign-on attempts since the last successful sign-on.
- Returns a response to the PEM client, indicating whether the sign-on was
succeeded or failed, and the reason for any failure:
Status = (X'00') OK
Date-Time = Current date and time
Last-Date-Time = Date and time of previous successful sign-on
Expiry-Date-Time = Date and time password will expire
Revoke-Count = Number of unsuccessful sign-on attempts made with
this userid since the previous successful sign-on
For
detailed information about the response, see PEM client input and output data.
Note: The ESM increments the revoke count whenever it processes an invalid
sign-on attempt. The sign-on request may originate from a non-CICS system
(for example, a TSO user).
If sign-on is unsuccessful, CICS returns to the PEM client a sign-on completion
status value and, if appropriate, a formatting error value. See PEM client input and output data for
more information.
- If PV is being used (either ATTACHSEC=PERSISTENT or ATTACHSEC=MIXIDPE
is specified on the CONNECTION definition), and sign-on is successful, adds
the user's name to the PV signed-on-from list.