1.Make sure the device upgraded with latest D3.5 build.
2.The device WebUI should be functional.
3.Make sure the Login-methods should be set as 'User Name / Password Validate on the Network' and user permissions method should be set as "Remotely on the Network using LDAP".
4.Make sure LDAP server should be configured in the device.
5.Make sure the more than one user permissions and Junior Administrator role should be created (Assumes an existing role has been created by a previous test).
6.Make sure the Device user with SA rights should be created.
Scenario 1: (Logged-In User role)
1.Navigate to CWIS->Login as Device user with SA rights->Logged-In users->Click "Edit User Mappings" for an existing role to go to the "Manage Permission Role" screen.
2.Select "Assign Group LDAP" option and search the LDAP groups by entering the group name (enter first letter of the group) under the 'Fine/Add Groups' search box and pressing the 'Search for Groups' button it will list the groups after that press 'Add All' button to assign all groups to the role or else manually select the listed group one by one to assign the group to the role by pressing the 'Add' button and apply the changes.
3.Download the auditlog and unzip the auditfile.zip file to verify the event:144 captured in the main auditfile.txt.
4.Follow step 2 to assign maximum of 25 LDAP groups to the role and follow step 3 to verify the auditlog event.
5.Follow step 2 to assign all or selected LDAP groups to more than one role and follow the step 3 to verify the event.
Scenario 2: (Junior Administrator role)
6.Follow step 1 to go to CWIS->User permissions->Device Management->click "Edit User Mappings" for an existing role to go to the "Manage Permission Role" screen.
7.Follow step 2-6 to verify he events.
Scenario 3: (Remove)
8.Follow step 1 to go to CWIS->Logged-In users->Click "Edit User Mappings" for an existing role which has assigned LDAP group to that role to go to the "Manage Permission Role" screen.
9.Remove already assigned one or more groups from the role by pressing the 'Remove All' button and apply the changes
10.Follow step 3 to verify the event
11.Follow step 1 to go to CWIS->User permissions->Device Management->Click "Edit User Mappings" for an existing role which has assigned LDAP group to that role to go to the "Manage Permission Role" screen.
12.Follow step 9 and 10 to verify the auditlog events.
Scenario 1 and 2:
Auditfile.txt file should be captured separate entries for all the users added to that role with the below information
Event ID: 144
Event Description: User or Group Role
Assignment
Username
Device name
Device serial number
User or group name (assigned)
Role name
\
Action: added
Scenario 3:
Auditfile.txt file should be captured separate entries for all the users removed from the role with the below information
Event ID: 144
Event Description: User or Group Role
Assignment
Username
Device name
Device serial number
User or group name (assigned)
Role name
\
Action: removed