Extract certificate for renewal with the ACF2 GENREQ command getting:
CAS20EDE Operation GENREQ cannot be performed - User is not defined as OMVS user.
GENCERT of a certificate getting:
CAS20EDE Operation GENCERT cannot be performed - User is not defined as OMVS user
Component : ACF2 for z/OS
In order to issue the GENCERT command the logonid that is issuing the command must be defined to OMVS. The logonid must have a UID and GID assigned. With ACF2 UID and GID are assigned by ACF2 USER Profile records. UIDs and GIDs can be auto-assigned however, this is optional and must be configured. Also note that in order to issue the GENCERT command the logonid needs security authorization by either having SECURITY, Scoped SECURITY or access to the ACFCMD.DIGTCERT.command resource rules in the CASECAUT class as indicated in Command Authorization Requirements.
The following can be done to determine if the logonid is defined to OMVS:
To address the error ensure that the logonid issuing the command has an OMVS User Profile record defined with a UID and the GROUP field on the logonid that has a GID defined.