Privileged Access Manager
Step1: Install QWS3270Plus (For "TN3270" you must use QWS3270plus and not QWS3270Secure or the connection will fail)
Step2: Create device for your mainframe (in this sample, it is "Mainframe")
Step3: Create target application
Application Type is "IBM i"
Once you select this then you will see "IBM i" tab.
As this is "TN3270" connection, SSL/TLS must be unchecked.
Step4: Create target account
Step4: Create TCP Service
In this sample, the mainframe is listening on TCP port 23 so the
Ports is set to "23:*" to ensure the destination is port 23 and local port will be ephemeral port.
Protocol is "TCP"
Application Protocol must be "TELNET"
Mainframe Protocol is "TN3270" (This sample is only for TN3270)
Client Application is "C:\QWS3270PLUS\qws3270p.exe" <Local IP> <First Port>
Step5: Associate Service with Device.
Step6: Create Policy
Ensure the target account is associated for auto-login.
Now the Access page should display the "QWS3270 NON-SECURE" service.
PAM will inject the user credentials so auto-login works.