Running IBM MFA bulk provisioning utility to register users for certificate authentication (AZFCERT1 factor).  There are two generated shell scripts (azfprov1.sh and azfprov2.sh).  The azfprov2.sh shell script runs the azfcert1_provision utility to register the user's certificate.  Contents of the azfprov2.sh script below.  This example is supposed to register gepiv.cer certificate to user id 815669.

azfcert1_provision 815669 /home/\$0789/gepiv.cer COMMIT  

The azfprov2.sh shell script  receives the following output with an error.  There are no TSS audit or USS violations related to this error.

$ sh azfprov2.sh                                                              

Existing AZFCERT1 factor data for user 815669:                                

  REGSTATE: OPEN                                                              

  SUBJECT:                                                                    

  ISSUER:                                                                      

  SERIAL:                                                                     

  CERTHASH:                                                                   

Pending AZFCERT1 tag data for user 815669:                                     

  REGSTATE: APPROVED                                                          

  SUBJECT:  CN=xxxxx,C=US,O=U.S. Government,OU=XXXXX                   

  ISSUER:   C=US,O=U.S. Government,OU=XXXXX                                    

  SERIAL:   5CC5FABC                                                         

  CERTHASH: A563B78DFBE903761EKBECBD7BE680694EC972E                          

20220329115454.490140 AZFCERT1:Error setting AZFCERT1 factor data (sts=0,safrc=

,racfrc=8,racfrsn=0x4)                                                         

Error: Failed to commit AZFCERT1 tags (sts=0,safrc=8,racfrc=8,racfrsn=0x4).   

***Execution of the Provisioning Shell Script fails with a S047 Abend.