MFA error messages

MFA 1 Minute

Other posts on MFA:

At MFA started task start up

PLUGHOST:Successfully retrieved system factor data for AZFCERT1:
PLUGHOST:about to load AZFCERT1
PLUGHOST:AZF2102I Loaded authenticator (name: AZFCERT1, entry point: 0x206E40A8, status: 0x0)
AZFCERT1:AZF8005I AZFCERT1 Initializing MFA2.2.0.0 compiled Jan 11 2022 11:44:24 last modified Tue
PLUGS:AZF2108I Authenticator entry point invoked : status = 0x0
PLUGS:AZF2406E Error from R_factor (AZFCERT1) (length=0)


ICH21053I Unexpected return code=00000004 and reason code=00000000 from IBM MFA while processing user TOTP

I got this when doing

ALU TOTP MFA(FACTOR(AZFCERT1) ACTIVE TAGS(REGSTATE:OPEN))

I think it is connected to the first message. The FACTOR.name has been defined, but not initialised.

AZFYUBI:Failed to set user factor data (sts=0,safrc=8,racfrc=8,racfrsn=0xc)
MFAWEB:serveYubiEnrollPost: Failed to commit updated yubiUser data (sts=0,safrc=8,racfrc=8,racfrsn=0xc)

Check the messages in the started task. I had

ICH408I USER(AZFWEB2 ) GROUP(TEST ) NAME(MFA STC
IRR.RFACTOR.USER CL(FACILITY)
INSUFFICIENT ACCESS AUTHORITY
ACCESS INTENT(UPDATE ) ACCESS ALLOWED(READ )

because the userid did not have the right access.

AZF6159W PKCS#11 object not found (serveYubiEnrollPost) (label=<AZFYUBI….>,sts=0,num=0,p11rc=0,p11rsn=0x0)

Need to ingest commit the Yubikey

AZFYUBI:Failed to set user factor data (sts=1200008,safrc=0,racfrc=0,racfrsn=0x0)
MFAWEB:serveYubiEnrollPost: Failed to commit updated yubiUser data (sts=1200008,safrc=0,racfrc=0,racfrsn=0x0)

Need to restart AZF#IN00 and AZ#IN01

Unknown's avatar

Published by Colin Paice

I retired from IBM where I worked on MQ on z/OS, and did customer stuff. I retired, and keep my hand in with MQ, by playing with it! I'm now an #IBMChampion from my work trying to make z/OS product more usable.

Published

Leave a comment