1.Make sure the device upgraded with latest D3.5 build.
2.The device WebUI should be functional.
3.Make sure the Login-methods should be set as 'User Name / Password Validate on the Network' and user permissions method should be set as "Remotely on the Network using SMB".
4.Make sure SMB server should be configured in the device.
5.Make sure the more than one user permissions and Junior Administrator role should be created (Assumes an existing role has been created by a previous test).
6.Make sure the Device user with SA rights should be created.
Scenario 1: (Logged-In User role)
1.Navigate to CWIS->Login as created device user with SA rights->Logged-In users->Click "Edit User Mappings" for an existing role to go to the "Manage Permission Role" screen.
2.Select "All Logged-in Users with Exceptions" option and search the SMB groups by entering the group name (enter first letter of the group) under the 'Add Exceptions' search box and pressing the 'Search for Groups' button it will list the groups after that press 'Add All Exceptions' button to move all groups under Everybody Except Users In Groups box or else manually select the listed group one by one to move the group by pressing the 'Add Exception' button and apply the changes.
3.Download the auditlog and observe the auditlog will be captured entries only for selected exception group of users and the remaining groups of users which is not added in the exceptions list in step2 should also be captured with the special name "All Logged-in Users" in auditlog.
4.Follow step 1-3 to check for maximum of 25 SMB groups.
Scenario 2: (Junior Administrator role)
5.Follow step 1 to go to CWIS->User permissions->Device Management->click "Edit User Mappings" for an existing role to go to the "Manage Permission Role" screen.
6.Follow step 2-5 to verify the events.
Scenario 3: (Removing exceptions)
7.Follow step 1 to go to CWIS->Logged-In users->Click "Edit User Mappings" for an existing role which has assigned LDAP groups with exceptions to this role to go to the "Manage Permission Role" screen.
8.Select "Remove All Exceptions" option under 'Everybody Except Users In Groups' and apply the changes.
9.Download the auditlog and observe the auditlog will captured entries for only for exception group users which is removed form step 2.
10.Verify that remaining group users and also removed exception groups/users in step 9 are added to the role should be captured with special name "All Logged-in Users" in the auditlog.
11.Create maximum number of groups and follow step 1-4 to verify the auditlog event.
12.Follow step 1 to go to CWIS->User permissions->Device Management->Click "Edit User Mappings" for an existing role which has assigned LDAP groups with exceptions to this role to go to the "Manage Permission Role" screen.
13.Follow step 8 to 11 and verify the auditlog events.
Scenario 1 and 2:
Auditfile.txt file should be captured separate entries for all the users added to that role with the below information for scenario 12 & 3:
Event ID: 144
Event Description: User or Group Role
Assignment
Username
Device name
Device serial number
User or group name (Added (for defined exceptions))
All Logged-in Users (Added (for remaining users))
Role name
\
Action: added
Scenario 3:
Auditfile.txt file should be captured separate entries for all the users removed from the role with the below information for scenario 1& 2:
Event ID: 144
Event Description: User or Group Role
Assignment
Username
Device name
Device serial number
User or group name (Removed (for defined exceptions))
All Logged-in Users (Added (for remining users and also including the removed exceptions users to be added to the role))
Role name
\
Action: Added/Removed