1.Make sure the device upgraded with latest D3.5 build.
2.The device WebUI should be functional.
3.Make sure the Login-methods should be set as 'User Name / Password Validate on the Network' and user permissions method should be set as "Remotely on the Network using LDAP".
4.Make sure LDAP server should be configured in the device.
5.Make sure the LDAP groups are assigned to a particular/more than one Logged-In user/junior administrator permissions role with exceptions (Assumes an existing role it has LDAP groups which is assigned to this role by previous test).
Scenario 1: (Logged-In User role)
1.Navigate to CWIS->Logged-In users->Click "Edit User Mappings" for an existing role which has assigned LDAP groups with exceptions to this role to go to the "Manage Permission Role" screen.
2.Select "Remove All Exceptions" option under 'Everybody Except Users In Groups' and apply the changes.
3.Download the auditlog and observe the auditlog will captured entries for exception group users which is removed form step 2.
4.Verify that existing group users and removed exception groups/users are added to the role should be captured with special name "All Logged-in Users" in the auditlog.
5.Create maximum number of groups and follow step 1-4 to verify the auditlog event.
Scenario 2: (Junior Administrator role)
6.Follow step 1 to go to CWIS->User permissions->Device Management->Click "Edit User Mappings" for an existing role which has assigned LDAP groups with exceptions to this role to go to the "Manage Permission Role" screen.
7.Follow step 2 and 5 to verify the events.
Scenario 1 and 2:
Auditfile.txt file should be captured separate entries for all the users removed from the role with the below information
Event ID: 144
Event Description: User or Group Role
Assignment
Username
Device name
Device serial number
User or group name (Added (for defined exceptions))
All Logged-in Users (Added (for remining users and also including the removed exceptions users to be added to the role))
Role name
\
Action: Removed