diff --git a/CHANGELOG.md b/CHANGELOG.md
index f7a2370de2..79928168c0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,9 @@ All notable changes to the Zowe Installer will be documented in this file.
 
 - `zowe.yaml` changed its default z/OSMF Service ID definition from `zosmf` to `ibmzosmf`, which may impact Zowe Clients. For more information on this change, please see the API Mediation Layer's 3.0.0 Breaking Changes.
 
+### New features and enhancements
+- Enhancement: Added explanation to possible error message when checking z/OSMF setting. [#3956](https://github.com/zowe/zowe-install-packaging/pull/3956)
+
 <!--Add the PR or issue number to the entry if available.-->
 
 ## `2.17.0`
diff --git a/bin/commands/internal/start/prepare/index.sh b/bin/commands/internal/start/prepare/index.sh
index 3b3ef25b1a..392ceee346 100644
--- a/bin/commands/internal/start/prepare/index.sh
+++ b/bin/commands/internal/start/prepare/index.sh
@@ -144,9 +144,13 @@ global_validate() {
   if [ -n "${ZOSMF_HOST}" -a -n "${ZOSMF_PORT}" ]; then
     if [[ ${ZWE_ENABLED_COMPONENTS} == *"discovery"* ]]; then
       validate_this "validate_zosmf_host_and_port \"${ZOSMF_HOST}\" \"${ZOSMF_PORT}\" 2>&1" "zwe-internal-start-prepare,global_validate:${LINENO}"
+    else
+      if [ "${ZWE_components_zaas_apiml_security_auth_provider}" = "zosmf" ]; then
+        let "ZWE_PRIVATE_ERRORS_FOUND=${ZWE_PRIVATE_OLD_ERRORS_FOUND}+1"
+        print_error "Using z/OSMF as 'components.zaas.apiml.security.auth.provider' is not possible: discovery is disabled."
+        print_formatted_info "ZWELS" "zwe-internal-start-prepare,global_validate:${LINENO}" "Zosmf validation failed"
+      fi
     fi
-  elif [ "${ZWE_components_zaas_apiml_security_auth_provider}" = "zosmf" ]; then
-    validate_this "validate_zosmf_as_auth_provider \"${ZOSMF_HOST}\" \"${ZOSMF_PORT}\" \"${ZWE_components_zaas_apiml_security_auth_provider}\" 2>&1" "zwe-internal-start-prepare,global_validate:${LINENO}"
   fi
 
   check_runtime_validation_result "zwe-internal-start-prepare,global_validate:${LINENO}"
diff --git a/bin/commands/internal/start/prepare/index.ts b/bin/commands/internal/start/prepare/index.ts
index b70b4f10ae..712f5493af 100644
--- a/bin/commands/internal/start/prepare/index.ts
+++ b/bin/commands/internal/start/prepare/index.ts
@@ -3,9 +3,9 @@
   under the terms of the Eclipse Public License v2.0 which
   accompanies this distribution, and is available at
   https://www.eclipse.org/legal/epl-v20.html
- 
+
   SPDX-License-Identifier: EPL-2.0
- 
+
   Copyright Contributors to the Zowe Project.
 */
 
@@ -75,7 +75,7 @@ function prepareLogDirectory() {
   if (logDir) {
     os.mkdir(logDir, 0o750);
     if (!fs.isDirectoryWritable(logDir)) {
-      common.printFormattedError("ZWELS", "zwe-internal-start-prepare,prepare_log_directory", `ZWEL0141E: User $(get_user_id) does not have write permission on ${logDir}.`);
+      common.printFormattedError("ZWELS", "zwe-internal-start-prepare,prepare_log_directory", `ZWEL0141E: User ${user} does not have write permission on ${logDir}.`);
       std.exit(141);
     }
   }
@@ -173,11 +173,9 @@ function globalValidate(enabledComponents:string[]): void {
         common.printFormattedError('ZWELS', "zwe-internal-start-prepare,global_validate", "Zosmf validation failed");
       }
     } else if (std.getenv('ZWE_components_zaas_apiml_security_auth_provider') == "zosmf") {
-      let zosmfOk = zosmf.validateZosmfAsAuthProvider(zosmfHost, zosmfPort, 'zosmf');
-      if (!zosmfOk) {
         privateErrors++;
+        common.printError("Using z/OSMF as 'components.zaas.apiml.security.auth.provider' is not possible: discovery is disabled.");
         common.printFormattedError('ZWELS', "zwe-internal-start-prepare,global_validate", "Zosmf validation failed");
-      }
     }
   }
   
@@ -195,7 +193,7 @@ function validateComponents(enabledComponents:string[]): any {
   common.printFormattedInfo("ZWELS", "zwe-internal-start-prepare,validate_components", "process component validations ...");
 
   const componentEnvironments = {};
-  
+
   // reset error counter
   let privateErrors = 0;
   std.setenv('ZWE_PRIVATE_ERRORS_FOUND','0');
@@ -244,7 +242,7 @@ function validateComponents(enabledComponents:string[]): any {
       }
     }
   });
-  
+
   std.setenv('ZWE_PRIVATE_ERRORS_FOUND', ''+privateErrors);
   varlib.checkRuntimeValidationResult("zwe-internal-start-prepare,validate_components");
 
@@ -259,8 +257,8 @@ function configureComponents(componentEnvironments?: any, enabledComponents?:str
 
   const zwePrivateWorkspaceEnvDir = std.getenv('ZWE_PRIVATE_WORKSPACE_ENV_DIR');
   const zweCliParameterHaInstance = std.getenv('ZWE_CLI_PARAMETER_HA_INSTANCE');
-  
-  
+
+
   enabledComponents.forEach((componentId: string)=> {
     common.printFormattedTrace("ZWELS", "zwe-internal-start-prepare,configure_components", `- checking ${componentId}`);
     const componentDir = component.findComponentDirectory(componentId);
@@ -312,7 +310,7 @@ function configureComponents(componentEnvironments?: any, enabledComponents?:str
         common.printFormattedError("ZWELS", "zwe-internal-start-prepare,configure_components", `${componentName} processComponentApimlStaticDefinitions failure`);
       }
       // - generic app framework plugin
-      success=component.processComponentAppfwPlugin(componentDir);      
+      success=component.processComponentAppfwPlugin(componentDir);
       if (success) {
         common.printFormattedDebug("ZWELS", "zwe-internal-start-prepare,configure_components", `${componentName} processComponentAppfwPlugin success`);
       } else {
@@ -326,7 +324,7 @@ function configureComponents(componentEnvironments?: any, enabledComponents?:str
       } else {
         common.printFormattedError("ZWELS", "zwe-internal-start-prepare,configure_components", `${componentName} processComponentZaasSharedLibs failure`);
       }
-                                    
+
       // - gateway shared lib
       success=component.processComponentGatewaySharedLibs(componentDir);
       if (success) {
@@ -362,13 +360,13 @@ function configureComponents(componentEnvironments?: any, enabledComponents?:str
           const result = shell.execOutSync('sh', '-c', `. ${runtimeDirectory}/bin/libs/configmgr-index.sh && cd ${componentDir} && . ${fullPath} ; export rc=$? ; export -p`);
 
           common.printFormattedDebug("ZWELS", "zwe-internal-start-prepare,configure_components", `${componentName} configure ended with rc=${result.rc}`);
-          
+
           if (result.rc==0) {
             const exportContent = varlib.getEnvironmentExports(result.out);
             if (exportContent) {
               const rc = xplatform.storeFileUTF8(`${zwePrivateWorkspaceEnvDir}/${componentName}/.${zweCliParameterHaInstance}.env`, xplatform.AUTO_DETECT, exportContent);
               if (!rc) {
-                
+
               } else {
                 // set permission for the component environment snapshot
                 shell.execSync('chmod', `700`, `"${zwePrivateWorkspaceEnvDir}/${componentName}/.${zweCliParameterHaInstance}.env"`);
@@ -396,7 +394,7 @@ function configureComponents(componentEnvironments?: any, enabledComponents?:str
       }
     }
   });
-                            
+
   common.printFormattedDebug("ZWELS", "zwe-internal-start-prepare,configure_components", "component configurations are successful");
 }
 
@@ -462,7 +460,7 @@ export function execute() {
   config.sanitizeHaInstanceId();
   common.printFormattedInfo("ZWELS", "zwe-internal-start-prepare", `starting Zowe instance ${std.getenv('ZWE_CLI_PARAMETER_HA_INSTANCE')} with ${cliParameterConfig} ...`);
 
-  // extra preparations for running in container 
+  // extra preparations for running in container
   // this is running in containers
   if (runInContainer == 'true') {
     prepareRunningInContainer();
diff --git a/bin/libs/zosmf.sh b/bin/libs/zosmf.sh
index 116f66c65e..84477c3699 100644
--- a/bin/libs/zosmf.sh
+++ b/bin/libs/zosmf.sh
@@ -49,16 +49,3 @@ validate_zosmf_host_and_port() {
     print_message "Successfully checked z/OS MF is available on 'https://${zosmf_host}:${zosmf_port}/zosmf/info'"
   fi
 }
-
-validate_zosmf_as_auth_provider() {
-  zosmf_host="${1}"
-  zosmf_port="${2}"
-  auth_provider="${3}"
-
-  if [ -n "${zosmf_host}" -a -n "${zosmf_port}" ]; then
-    if [ "${auth_provider}" = "zosmf" ]; then
-      print_error "z/OSMF is not configured. Using z/OSMF as authentication provider is not supported."
-      return 1
-    fi
-  fi
-}
diff --git a/bin/libs/zosmf.ts b/bin/libs/zosmf.ts
index 949c0eddf6..9e05a98be0 100644
--- a/bin/libs/zosmf.ts
+++ b/bin/libs/zosmf.ts
@@ -47,14 +47,3 @@ export function validateZosmfHostAndPort(zosmfHost: string, zosmfPort: number):
   }
   return zosmfCheckPassed;
 }
-
-//TODO isnt this completely backwards?
-export function validateZosmfAsAuthProvider(zosmfHost: string, zosmfPort: number, authProvider: string): boolean {
-  if (zosmfHost && zosmfPort) {
-    if (authProvider == 'zosmf') {
-      common.printError("z/OSMF is not configured. Using z/OSMF as authentication provider is not supported.");
-      return true;
-    }
-  }
-  return false;
-}