external-software/github_OpenIdentityPlatform_OpenDJ.git

parent: 30a0e991 | patch | commit | ignore whitespace

andrug

13.57.2007 30a01e1f73255ed52e1d0c3a1c87e156d64ef41a

updates for new WS modifications

4 files modified

	opends/tests/functional-tests/testcases/privileges/privileges_directory_manager.xml	501 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/testcases/privileges/privileges_new_root_user.xml	101 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/testcases/privileges/privileges_restore_task.xml	24 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/testcases/privileges/privileges_users.xml	228 ●●●●● patch \| view \| raw \| blame \| history

 opends/tests/functional-tests/testcases/privileges/privileges_directory_manager.xml

@@ -99,13 +99,11 @@
                    'DNToModify'             : 'cn=Access Control Handler,cn=config' ,
                    'attributeName'          : 'ds-cfg-global-aci' ,
                    'newAttributeValue'      : global_aci ,
                    'changetype'             : 'delete' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: bypass-acl, DM searching entry'
                </message>
@@ -154,12 +152,10 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-bypass-acl' ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: bypass-acl, DM searching entry'
@@ -172,7 +168,9 @@
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,o=Privileges Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                    'attributes'       : 'cn sn uid',
                    'expectedRC'       : 0
                  }
                </call>
    
                <script> 
@@ -200,12 +198,10 @@
                    'DNToModify'            : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'         : 'ds-privilege-name' ,
                    'newAttributeValue'     : '-bypass-acl' ,
                    'changetype'            : 'delete' }
                    'changetype'            : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: bypass-acl, DM searching entry'
@@ -255,13 +251,11 @@
                    'DNToModify'             : 'cn=Access Control Handler,cn=config' ,
                    'attributeName'          : 'ds-cfg-global-aci' ,
                    'newAttributeValue'      : global_aci ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
               <message>
                   'Privileges: Directory Manager: bypass-acl, DM searching entry'
                </message>
@@ -273,7 +267,9 @@
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,o=Privileges Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                    'attributes'       : 'cn sn uid',
                    'expectedRC'             : 0
                  }
                </call>
    
                <script> 
@@ -328,12 +324,10 @@
                    'DNToModify'             : 'cn=Access Control Handler,cn=config' ,
                    'attributeName'          : 'ds-cfg-global-aci' ,
                    'newAttributeValue'      : global_aci ,
                    'changetype'             : 'delete' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: bypass-acl, alternate bind DN, DM searching entry'
@@ -346,7 +340,9 @@
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,o=Privileges Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                    'attributes'       : 'cn sn uid',
                    'expectedRC'       : 0
                  }
                </call>
    
                <script> 
@@ -384,13 +380,10 @@
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-bypass-acl' ,
                    'changetype'             : 'add'  ,
                    'expectedErrorCode'      : '32' }
                    'expectedRC'             : 32
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager:  bypass-acl, alternate bind DN, alternate root user putting back global search ACI'
                </message>
@@ -403,12 +396,10 @@
                    'DNToModify'             : 'cn=Access Control Handler,cn=config' ,
                    'attributeName'          : 'ds-cfg-global-aci' ,
                    'newAttributeValue'      : global_aci ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
               <message>
                   'Privileges: Directory Manager: bypass-acl, alternate bind DN, DM searching entry'
@@ -421,7 +412,9 @@
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,o=Privileges Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                    'attributes'       : 'cn sn uid',
                    'expectedRC'       : 0
                  }
                </call>
    
                <script> 
@@ -478,13 +471,11 @@
                    'DNToModify'             : 'ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search_aci ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: modify-acl - add aci, alternate root user removing privilege'
                </message>
@@ -497,13 +488,11 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-modify-acl' ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: modify-acl - add aci, DM adding ACI'
                </message>
@@ -521,13 +510,10 @@
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search2_aci ,
                    'changetype'             : 'add' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: modify-acl - add aci, alternate root user putting back privilege'
                </message>
@@ -540,13 +526,11 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-modify-acl' ,
                    'changetype'             : 'delete' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: modify-acl - add aci, DM adding ACI'
                </message>
@@ -559,13 +543,11 @@
                    'DNToModify'             : 'ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search2_aci ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: modify-acl - add aci, alternate root user deleting ACI'
                </message>
@@ -578,13 +560,11 @@
                    'DNToModify'             : 'ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search_aci ,
                    'changetype'             : 'delete' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: modify-acl - add aci, alternate root user deleting ACI'
                </message>
@@ -648,12 +628,10 @@
                    'DNToModify'             : 'uid=tmorris, ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search_aci ,
                    'changetype'             : 'replace' }
                    'changetype'             : 'replace' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: modify-acl - replace aci, alternate root user removing privilege'
@@ -667,13 +645,11 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-modify-acl' ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: modify-acl - replace aci, DM replacing ACI'
                </message>
@@ -687,13 +663,10 @@
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search_aci ,
                    'changetype'             : 'replace' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: modify-acl - replace aci, alternate root user putting back privilege'
                </message>
@@ -706,13 +679,11 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-modify-acl' ,
                    'changetype'             : 'delete' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: modify-acl - replace aci, DM replacing ACI'
                </message>
@@ -775,12 +746,10 @@
                    'DNToModify'             : 'uid=gfarmer, ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search_aci ,
                    'changetype'             : 'delete' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: modify-acl - delete aci, alternate root user removing privilege'
@@ -794,13 +763,11 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-modify-acl' ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: modify-acl - delete aci, DM delete ACI'
                </message>
@@ -818,13 +785,10 @@
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search2_aci ,
                    'changetype'             : 'delete' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: modify-acl - delete aci, alternate root user putting back privilege'
                </message>
@@ -922,12 +886,10 @@
                    'DNToModify'            : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'         : 'ds-privilege-name' ,
                    'newAttributeValue'     : '-config-read' ,
                    'changetype'            : 'add' }
                    'changetype'            : 'add' ,
                    'expectedRC'            : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>

                <message>
                   'Privileges: Directory Manager: config-read, DM searching cn=config'
@@ -941,12 +903,10 @@
                    'dsBaseDN'         : 'cn=config' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'ds-cfg-check-schema' ,
                    'extraParams'      : '-s base' }
                    'extraParams'      : '-s base' ,
                    'expectedRC'       : 50
                  }
                </call>
    
                <if expr="RC != 50">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: config-read, alternate root user putting back privilege'
@@ -960,12 +920,10 @@
                    'DNToModify'            : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'         : 'ds-privilege-name' ,
                    'newAttributeValue'     : '-config-read' ,
                    'changetype'            : 'delete' }
                    'changetype'            : 'delete' ,
                    'expectedRC'            : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>

                <message>
                   'Privileges: Directory Manager: config-read, DM searching cn=config'
@@ -1034,12 +992,10 @@
                    'DNToModify'             : 'cn=config' ,
                    'attributeName'          : 'ds-cfg-check-schema' ,
                    'newAttributeValue'      : 'true' ,
                    'changetype'             : 'replace' }
                    'changetype'             : 'replace' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>

                <message>
                   'Privileges: Directory Manager: config-write, alternate root user removing read privilege'
@@ -1053,12 +1009,10 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-config-read' ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: config-write, DM modifying cn=config'
@@ -1073,13 +1027,10 @@
                    'attributeName'          : 'ds-cfg-check-schema' ,
                    'newAttributeValue'      : 'true' ,
                    'changetype'             : 'replace' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: config-write, alternate root user removing write privilege'
                </message>
@@ -1092,12 +1043,10 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-config-write' ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: config-write, DM modifying cn=config'
@@ -1112,13 +1061,10 @@
                    'attributeName'          : 'ds-cfg-check-schema' ,
                    'newAttributeValue'      : 'true' ,
                    'changetype'             : 'replace' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: config-write, alternate root user putting back read privilege'
                </message>
@@ -1131,13 +1077,11 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-config-read' ,
                    'changetype'             : 'delete' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: config-write, DM modifying cn=config'
                </message>
@@ -1151,13 +1095,10 @@
                    'attributeName'          : 'ds-cfg-check-schema' ,
                    'newAttributeValue'      : 'true' ,
                    'changetype'             : 'replace' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: config-write, alternate root user putting back write privilege'
                </message>
@@ -1170,12 +1111,10 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-config-write' ,
                    'changetype'             : 'delete' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: config-write, DM modifying cn=config'
@@ -1245,12 +1184,10 @@
                    'DNToModify'             : 'cn=Access Control Handler,cn=config' ,
                    'attributeName'          : 'ds-cfg-global-aci' ,
                    'newAttributeValue'      : global_aci ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: config-write - add global aci, alternate root user removing config-read privilege'
@@ -1264,12 +1201,10 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-config-read' ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: config-write - add global aci, DM adding ACI'
@@ -1288,13 +1223,10 @@
                    'attributeName'          : 'ds-cfg-global-aci' ,
                    'newAttributeValue'      : global2_aci ,
                    'changetype'             : 'add' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: config-write - add global aci, alternate user removing config-write privilege'
                </message>
@@ -1307,12 +1239,10 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-config-write' ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: config-write - add global aci, alternate root user putting back config-read privilege'
@@ -1326,12 +1256,10 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-config-read' ,
                    'changetype'             : 'delete' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: config-write - add global aci, DM  adding global ACI'
@@ -1346,13 +1274,10 @@
                    'attributeName'          : 'ds-cfg-global-aci' ,
                    'newAttributeValue'      : global2_aci ,
                    'changetype'             : 'add' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: config-write - add global aci, alternate root user putting back config-write privilege'
                </message>
@@ -1365,12 +1290,10 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-config-write' ,
                    'changetype'             : 'delete' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: config-write - add global aci, DM adding global ACI'
@@ -1384,12 +1307,10 @@
                    'DNToModify'             : 'cn=Access Control Handler,cn=config' ,
                    'attributeName'          : 'ds-cfg-global-aci' ,
                    'newAttributeValue'      : global2_aci ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: config-write - add global aci, alternate root user deleting write global ACI'
@@ -1403,12 +1324,10 @@
                    'DNToModify'             : 'cn=Access Control Handler,cn=config' ,
                    'attributeName'          : 'ds-cfg-global-aci' ,
                    'newAttributeValue'      : global_aci ,
                    'changetype'             : 'delete' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>

                <message>
                   'Privileges: Directory Manager: config-write - add global aci, alternate root user deleting write global ACI'
@@ -1469,12 +1388,10 @@
                    'DNToModify'             : 'uid=tmason, ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'userpassword' ,
                    'newAttributeValue'      : 'pickles' ,
                    'changetype'             : 'replace' }
                    'changetype'             : 'replace' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: password-reset, alternate root user removing privilege'
@@ -1488,12 +1405,10 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-password-reset' ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: password-reset, DM resetting password'
@@ -1508,13 +1423,10 @@
                    'attributeName'          : 'userpassword' ,
                    'newAttributeValue'      : 'pickles' ,
                    'changetype'             : 'replace' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: password-reset, alternate root user putting back privilege'
                </message>
@@ -1527,12 +1439,10 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-password-reset' ,
                    'changetype'             : 'delete' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: password-reset, DM resetting password'
@@ -1592,13 +1502,11 @@
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'cn=Aroot' ,
                    'dsInstancePswd'   : 'PrivsRule' ,
                    'entryToBeAdded'   : '%s/privileges/add_entry_with_new_objclass.ldif' % logsRemoteDataDir }
                    'entryToBeAdded'   : '%s/privileges/add_entry_with_new_objclass.ldif' % logsRemoteDataDir ,
                    'expectedRC'       : 65
                  }
                </call>
    
                <if expr="RC != 65">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: update-schema, alternate root user removing privilege'
                </message>
@@ -1611,12 +1519,10 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-update-schema' ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: update-schema, DM adding new schema object'
@@ -1627,13 +1533,11 @@
                    'dsInstancePort'      : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'        : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'      : DIRECTORY_INSTANCE_PSWD  ,
                    'entryToBeModified'   : '%s/privileges/addmozobj.ldif' % logsRemoteDataDir }
                    'entryToBeModified'   : '%s/privileges/addmozobj.ldif' % logsRemoteDataDir ,
                    'expectedRC'          : 50
                  }
                </call>
    
                <if expr="RC != 50">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: update-schema, alternate root user putting back privilege'
                </message>
@@ -1646,13 +1550,11 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-update-schema' ,
                    'changetype'             : 'delete' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: update-schema, DM adding new schema object'
                </message>
@@ -1662,13 +1564,11 @@
                    'dsInstancePort'      : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'        : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'      : DIRECTORY_INSTANCE_PSWD  ,
                    'entryToBeModified'   : '%s/privileges/addmozobj.ldif' % logsRemoteDataDir }
                    'entryToBeModified'   : '%s/privileges/addmozobj.ldif' % logsRemoteDataDir ,
                    'expectedRC'          : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: update-schema, alternate root user adding entry that users new object class'
                </message>
@@ -1678,13 +1578,11 @@
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'cn=Aroot' ,
                    'dsInstancePswd'   : 'PrivsRule' ,
                    'entryToBeAdded'   : '%s/privileges/add_entry_with_new_objclass.ldif' % logsRemoteDataDir }
                    'entryToBeAdded'   : '%s/privileges/add_entry_with_new_objclass.ldif' % logsRemoteDataDir ,
                    'expectedRC'       : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: update-schema, alternate root user searching entry'
                </message>
@@ -1763,12 +1661,10 @@
                    'DNToModify'             : 'dc=example,dc=com' ,
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : write_aci ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>

                <message>
                   'Privileges: Directory Manager: privilege-change, alternate root user removing privilege from DM'
@@ -1782,12 +1678,10 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-privilege-change' ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: privilege-change, DM adding privilege to second user'
@@ -1802,13 +1696,10 @@
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : 'modify-acl' ,
                    'changetype'             : 'add' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Directory Manager: privilege-change, alternate root user putting back privilege to DM'
                </message>
@@ -1821,12 +1712,10 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-privilege-change' ,
                    'changetype'             : 'delete' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: privilege-change, DM adding privilege to second user'
@@ -1840,12 +1729,10 @@
                    'DNToModify'             : 'uid=buser,o=Privileges Tests,dc=example,dc=com' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : 'modify-acl' ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: privilege-change, second user adding ACI'
@@ -1863,12 +1750,10 @@
                    'DNToModify'             : 'ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search_aci ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>

                <message>
                   'Privileges: Directory Manager: privilege-change, DM removing privilege to second user'
@@ -1882,12 +1767,10 @@
                    'DNToModify'             : 'uid=buser,o=Privileges Tests,dc=example,dc=com' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : 'modify-acl' ,
                    'changetype'             : 'delete' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: privilege-change, alternate root user deleting ACI'
@@ -1901,12 +1784,10 @@
                    'DNToModify'             : 'ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search_aci ,
                    'changetype'             : 'delete' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: privilege-change, alternate root user deleting write ACI'
@@ -1969,12 +1850,10 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-server-shutdown' ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: server-shutdown, user adding server shutdown task'
@@ -2005,12 +1884,10 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-server-shutdown' ,
                    'changetype'             : 'delete' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: server-shutdown, user adding server shutdown task'
@@ -2119,12 +1996,10 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-server-restart' ,
                    'changetype'             : 'add' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: server-restart, DM adding server restart task'
@@ -2155,12 +2030,10 @@
                    'DNToModify'             : 'cn=Directory Manager,cn=Root DNs,cn=config' ,
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-server-restart' ,
                    'changetype'             : 'delete' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 0
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: Directory Manager: server-restart, DM adding server restart task'

 opends/tests/functional-tests/testcases/privileges/privileges_new_root_user.xml

@@ -424,13 +424,10 @@
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : '-bypass-acl' ,
                    'changetype'             : 'add' ,
                    'expectedErrorCode'      : '32' }
                    'expectedRC'             : 32
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: New Root User:  bypass-acl, alternate bind DN, alternative root user putting back global search ACI'
                </message>
@@ -561,13 +558,10 @@
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search2_aci ,
                    'changetype'             : 'add' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: New Root User: modify-acl - add aci, alternative root user putting back privilege'
                </message>
@@ -727,13 +721,10 @@
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search_aci ,
                    'changetype'             : 'replace' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: New Root User: modify-acl - replace aci, alternative root user putting back privilege'
                </message>
@@ -858,13 +849,10 @@
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search2_aci ,
                    'changetype'             : 'delete' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: New Root User: modify-acl - delete aci, alternative root user putting back privilege'
                </message>
@@ -981,12 +969,10 @@
                    'dsBaseDN'         : 'cn=config' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'ds-cfg-check-schema' ,
                    'extraParams'      : '-s base' }
                    'extraParams'      : '-s base' ,
                    'expectedRC'       : 50
                  }
                </call>
    
                <if expr="RC != 50">
                    <tcstatus result="'fail'"/>
                </if>
                
                <message>
                   'Privileges: New Root User: config-read, alternative root user putting back privilege'
@@ -1113,13 +1099,10 @@
                    'attributeName'          : 'ds-cfg-check-schema' ,
                    'newAttributeValue'      : 'true' ,
                    'changetype'             : 'replace' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: New Root User: config-write, alternative root user removing privilege'
                </message>
@@ -1152,13 +1135,10 @@
                    'attributeName'          : 'ds-cfg-check-schema' ,
                    'newAttributeValue'      : 'true' ,
                    'changetype'             : 'replace' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: New Root User: config-write, altrnative root user putting back privilege'
                </message>
@@ -1191,13 +1171,10 @@
                    'attributeName'          : 'ds-cfg-check-schema' ,
                    'newAttributeValue'      : 'true' ,
                    'changetype'             : 'replace' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: New Root User: config-write, alternative root user putting back privilege'
                </message>
@@ -1328,13 +1305,10 @@
                    'attributeName'          : 'ds-cfg-global-aci' ,
                    'newAttributeValue'      : global2_aci ,
                    'changetype'             : 'add' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: New Root User: config-write - add global aci, altrnative user removing config-write privilege'
                </message>
@@ -1386,13 +1360,10 @@
                    'attributeName'          : 'ds-cfg-global-aci' ,
                    'newAttributeValue'      : global2_aci ,
                    'changetype'             : 'add' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: New Root User: config-write - add global aci, alternative root user putting back config-write privilege'
                </message>
@@ -1548,13 +1519,10 @@
                    'attributeName'          : 'userpassword' ,
                    'newAttributeValue'      : 'pickles' ,
                    'changetype'             : 'replace',
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: New Root User: password-reset, alternative root user deleting privilege'
                </message>
@@ -1632,13 +1600,11 @@
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'cn=Aroot' ,
                    'dsInstancePswd'   : 'PrivsRule' ,
                    'entryToBeAdded'   : '%s/privileges/add_entry_with_new_objclass.ldif' % logsRemoteDataDir }
                    'entryToBeAdded'   : '%s/privileges/add_entry_with_new_objclass.ldif' % logsRemoteDataDir ,
                    'expectedRC'       : 65
                  }
                </call>
    
                <if expr="RC != 65">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: New Root User: update-schema, alternative root user removing privilege'
                </message>
@@ -1667,13 +1633,11 @@
                    'dsInstancePort'      : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'        : 'cn=Zroot' ,
                    'dsInstancePswd'      : 'PrivsRule' ,
                    'entryToBeModified'   : '%s/privileges/addmozobj.ldif' % logsRemoteDataDir }
                    'entryToBeModified'   : '%s/privileges/addmozobj.ldif' % logsRemoteDataDir ,
                    'expectedRC'          : 50
                  }
                </call>
    
                <if expr="RC != 50">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: New Root User: update-schema, alternative root user putting back privilege'
                </message>
@@ -1842,13 +1806,10 @@
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : 'modify-acl' ,
                    'changetype'             : 'add' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: New Root User: privilege-change, alternative root user putting back privilege to new root user'
                </message>

 opends/tests/functional-tests/testcases/privileges/privileges_restore_task.xml

@@ -151,13 +151,11 @@
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'dsBaseDN'         : 'uid=tmorris,ou=People,ou=restore task,o=Privileges Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                    'attributes'       : 'cn sn uid',
                    'expectedRC'       : 32
                  }
                </call>
    
                <if expr="RC != 32">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Restore Tasks: backend-restore, Admin adding privilege'
                </message>
@@ -374,13 +372,11 @@
                    'dsInstancePswd'   : 'PrivsRule' ,
                    'dsBaseDN'         : 'uid=tmorris,ou=People,ou=restore task,o=Privileges Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                    'attributes'       : 'cn sn uid',
                    'expectedRC'       : 32
                  }
                </call>
    
                <if expr="RC != 32">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Restore Tasks: backend-restore, Directory Manager, alternative root user removing privilege'
                </message>
@@ -591,13 +587,11 @@
                    'dsInstancePswd'   : 'PrivsRule' ,
                    'dsBaseDN'         : 'uid=tmorris,ou=People,ou=restore task,o=Privileges Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                    'attributes'       : 'cn sn uid',
                    'expectedRC'       : 32
                  }
                </call>
    
                <if expr="RC != 32">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Restore Tasks: backend-restore, New User Root, alternative root user removing privilege'
                </message>

 opends/tests/functional-tests/testcases/privileges/privileges_users.xml

@@ -923,13 +923,10 @@
                    'attributeName'          : 'ds-privilege-name' ,
                    'newAttributeValue'      : 'bypass-acl' ,
                    'changetype'             : 'add' ,
                    'expectedErrorCode'      : '50' }
                    'expectedRC'             : 50
                  }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: bypass-acl self-modify add, user searching entry'
                </message>
@@ -1047,14 +1044,11 @@
                    'DNToModify'             : 'ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search_aci ,
                    'changetype'             : 'add' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: modify-acl - add aci, Admin adding privilege'
                </message>
@@ -1086,14 +1080,11 @@
                    'DNToModify'             : 'ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search_aci ,
                    'changetype'             : 'add' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: modify-acl - add aci, Admin adding write ACI'
                </message>
@@ -1171,13 +1162,10 @@
                    'DNToModify'             : 'ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search2_aci ,
                    'changetype'             : 'add' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: modify-acl - add aci, Admin deleting write ACI'
@@ -1233,8 +1221,9 @@
                    'DNToModify'             : 'uid=scarter, ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search3_aci ,
                    'changetype'             : 'add' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <call function="'checktestRC'">
@@ -1289,13 +1278,10 @@
                    'DNToModify'             : 'uid=tmorris, ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search_aci ,
                    'changetype'             : 'replace' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'replace' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: modify-acl - replace aci, Admin adding write ACI'
@@ -1332,13 +1318,10 @@
                    'DNToModify'             : 'uid=tmorris, ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search_aci ,
                    'changetype'             : 'replace' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'replace' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: modify-acl - replace aci, Admin adding privilege'
@@ -1409,13 +1392,10 @@
                    'DNToModify'             : 'uid=tmorris, ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search_aci ,
                    'changetype'             : 'replace' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'replace' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: modify-acl - replace aci, Admin deleting privilege'
@@ -1448,8 +1428,9 @@
                    'DNToModify'             : 'uid=tmorris, ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : search_aci ,
                    'changetype'             : 'replace' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'replace' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <call function="'checktestRC'">
@@ -1502,13 +1483,10 @@
                    'DNToModify'             : 'uid=dmiller, ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : write_aci_dmiller ,
                    'changetype'             : 'delete' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: modify-acl - delete aci, Admin adding privilege'
@@ -1541,13 +1519,10 @@
                    'DNToModify'             : 'uid=dmiller, ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'aci' ,
                    'newAttributeValue'      : write_aci_dmiller ,
                    'changetype'             : 'delete' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'delete' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: modify-acl - delete aci, Admin adding write ACI'
@@ -1670,13 +1645,11 @@
                    'dsBaseDN'         : 'cn=config' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'ds-cfg-check-schema' ,
                    'extraParams'      : '-s base' }
                    'extraParams'      : '-s base' ,
                    'expectedRC'       : 50
                  }
                </call>
    
                <if expr="RC != 50">
                    <tcstatus result="'fail'"/>
                </if>

                <message>
                   'Privileges: Users: config-read, Admin adding privilege'
                </message>
@@ -1824,14 +1797,11 @@
                    'DNToModify'             : 'cn=config' ,
                    'attributeName'          : 'ds-cfg-check-schema' ,
                    'newAttributeValue'      : 'true' ,
                    'changetype'             : 'replace' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'replace' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: config-write, Admin adding privilege'
                </message>
@@ -1863,14 +1833,11 @@
                    'DNToModify'             : 'cn=config' ,
                    'attributeName'          : 'ds-cfg-check-schema' ,
                    'newAttributeValue'      : 'true' ,
                    'changetype'             : 'replace' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'replace' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: config-write, Admin adding privilege'
                </message>
@@ -1902,8 +1869,9 @@
                    'DNToModify'             : 'cn=config' ,
                    'attributeName'          : 'ds-cfg-check-schema' ,
                    'newAttributeValue'      : 'true' ,
                    'changetype'             : 'replace' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'replace' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
@@ -1983,14 +1951,11 @@
                    'DNToModify'             : 'cn=config' ,
                    'attributeName'          : 'ds-cfg-check-schema' ,
                    'newAttributeValue'      : 'true' ,
                    'changetype'             : 'replace' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'replace' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: config-write, Admin deleting privilege'
                </message>
@@ -2022,13 +1987,10 @@
                    'DNToModify'             : 'cn=config' ,
                    'attributeName'          : 'ds-cfg-check-schema' ,
                    'newAttributeValue'      : 'true' ,
                    'changetype'             : 'replace' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'replace' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: modify-acl - add aci, Admin deleting write ACI'
@@ -2061,8 +2023,9 @@
                    'DNToModify'             : 'cn=config' ,
                    'attributeName'          : 'ds-cfg-check-schema' ,
                    'newAttributeValue'      : 'true' ,
                    'changetype'             : 'replace' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'replace' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <call function="'checktestRC'">
@@ -2122,13 +2085,10 @@
                    'DNToModify'             : 'cn=Access Control Handler,cn=config' ,
                    'attributeName'          : 'ds-cfg-global-aci' ,
                    'newAttributeValue'      : global_aci ,
                    'changetype'             : 'add' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: config-write - add global aci, Admin adding privilege'
@@ -2161,14 +2121,11 @@
                    'DNToModify'             : 'cn=Access Control Handler,cn=config' ,
                    'attributeName'          : 'ds-cfg-global-aci' ,
                    'newAttributeValue'      : global_aci ,
                    'changetype'             : 'add' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: config-write - add global aci, Admin adding privilege'
                </message>
@@ -2200,13 +2157,10 @@
                    'DNToModify'             : 'cn=Access Control Handler,cn=config' ,
                    'attributeName'          : 'ds-cfg-global-aci' ,
                    'newAttributeValue'      : global_aci ,
                    'changetype'             : 'add' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: config-write - add global aci, Admin adding write ACI'
@@ -2285,13 +2239,10 @@
                    'DNToModify'             : 'cn=Access Control Handler,cn=config' ,
                    'attributeName'          : 'ds-cfg-global-aci' ,
                    'newAttributeValue'      : global2_aci ,
                    'changetype'             : 'add' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: config-write - add global aci, Admin deleting privilege'
@@ -2324,14 +2275,11 @@
                    'DNToModify'             : 'cn=Access Control Handler,cn=config' ,
                    'attributeName'          : 'ds-cfg-global-aci' ,
                    'newAttributeValue'      : global2_aci ,
                    'changetype'             : 'add' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: config-write - add global aci, Admin deleting write ACI'
                </message>
@@ -2382,8 +2330,9 @@
                    'DNToModify'             : 'cn=Access Control Handler,cn=config' ,
                    'attributeName'          : 'ds-cfg-global-aci' ,
                    'newAttributeValue'      : global2_aci ,
                    'changetype'             : 'add' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'add' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <call function="'checktestRC'">
@@ -2456,13 +2405,10 @@
                    'DNToModify'             : 'uid=bhall, ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'userpassword' ,
                    'newAttributeValue'      : 'bananas' ,
                    'changetype'             : 'replace' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'replace' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: password-reset, Admin adding privilege'
@@ -2569,8 +2515,9 @@
                    'DNToModify'             : 'uid=bhall, ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'userpassword' ,
                    'newAttributeValue'      : 'bananas' ,
                    'changetype'             : 'replace' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'replace' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <if expr="RC != 0">
@@ -2608,8 +2555,9 @@
                    'DNToModify'             : 'uid=bhall, ou=People, o=Privileges Tests, dc=example,dc=com' ,
                    'attributeName'          : 'userpassword' ,
                    'newAttributeValue'      : 'bananas' ,
                    'changetype'             : 'replace' , 
                    'expectedErrorCode'      : '50' }
                    'changetype'             : 'replace' ,
                    'expectedRC'             : 50
                  }
                </call>
                
                <call function="'checktestRC'">
@@ -2679,13 +2627,11 @@
                    'dsInstancePort'      : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'        : 'uid=auser,o=Privileges Tests,dc=example,dc=com' ,
                    'dsInstancePswd'      : 'ACIRules'  ,
                    'entryToBeModified'   : '%s/privileges/addmozobj.ldif' % logsRemoteDataDir }
                    'entryToBeModified'   : '%s/privileges/addmozobj.ldif' % logsRemoteDataDir ,
                    'expectedRC'          : 50
                  }
                </call>
    
                <if expr="RC != 50">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: update-schema, Admin adding entry that uses new object class'
                </message>
@@ -2695,13 +2641,11 @@
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'entryToBeAdded'   : '%s/privileges/add_entry_with_new_objclass.ldif' % logsRemoteDataDir }
                    'entryToBeAdded'   : '%s/privileges/add_entry_with_new_objclass.ldif' % logsRemoteDataDir ,
                    'expectedRC'       : 65
                  }
                </call>
    
                <if expr="RC != 65">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'Privileges: Users: update-schema, Admin adding privilege'
                </message>

			@@ -424,13 +424,10 @@
			'attributeName' : 'ds-privilege-name' ,
			'newAttributeValue' : '-bypass-acl' ,
			'changetype' : 'add' ,
			'expectedErrorCode' : '32' }
			'expectedRC' : 32
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: New Root User: bypass-acl, alternate bind DN, alternative root user putting back global search ACI'
			</message>
			@@ -561,13 +558,10 @@
			'attributeName' : 'aci' ,
			'newAttributeValue' : search2_aci ,
			'changetype' : 'add' ,
			'expectedErrorCode' : '50' }
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: New Root User: modify-acl - add aci, alternative root user putting back privilege'
			</message>
			@@ -727,13 +721,10 @@
			'attributeName' : 'aci' ,
			'newAttributeValue' : search_aci ,
			'changetype' : 'replace' ,
			'expectedErrorCode' : '50' }
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: New Root User: modify-acl - replace aci, alternative root user putting back privilege'
			</message>
			@@ -858,13 +849,10 @@
			'attributeName' : 'aci' ,
			'newAttributeValue' : search2_aci ,
			'changetype' : 'delete' ,
			'expectedErrorCode' : '50' }
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: New Root User: modify-acl - delete aci, alternative root user putting back privilege'
			</message>
			@@ -981,12 +969,10 @@
			'dsBaseDN' : 'cn=config' ,
			'dsFilter' : 'objectclass=*' ,
			'attributes' : 'ds-cfg-check-schema' ,
			'extraParams' : '-s base' }
			'extraParams' : '-s base' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 50">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: New Root User: config-read, alternative root user putting back privilege'
			@@ -1113,13 +1099,10 @@
			'attributeName' : 'ds-cfg-check-schema' ,
			'newAttributeValue' : 'true' ,
			'changetype' : 'replace' ,
			'expectedErrorCode' : '50' }
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: New Root User: config-write, alternative root user removing privilege'
			</message>
			@@ -1152,13 +1135,10 @@
			'attributeName' : 'ds-cfg-check-schema' ,
			'newAttributeValue' : 'true' ,
			'changetype' : 'replace' ,
			'expectedErrorCode' : '50' }
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: New Root User: config-write, altrnative root user putting back privilege'
			</message>
			@@ -1191,13 +1171,10 @@
			'attributeName' : 'ds-cfg-check-schema' ,
			'newAttributeValue' : 'true' ,
			'changetype' : 'replace' ,
			'expectedErrorCode' : '50' }
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: New Root User: config-write, alternative root user putting back privilege'
			</message>
			@@ -1328,13 +1305,10 @@
			'attributeName' : 'ds-cfg-global-aci' ,
			'newAttributeValue' : global2_aci ,
			'changetype' : 'add' ,
			'expectedErrorCode' : '50' }
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: New Root User: config-write - add global aci, altrnative user removing config-write privilege'
			</message>
			@@ -1386,13 +1360,10 @@
			'attributeName' : 'ds-cfg-global-aci' ,
			'newAttributeValue' : global2_aci ,
			'changetype' : 'add' ,
			'expectedErrorCode' : '50' }
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: New Root User: config-write - add global aci, alternative root user putting back config-write privilege'
			</message>
			@@ -1548,13 +1519,10 @@
			'attributeName' : 'userpassword' ,
			'newAttributeValue' : 'pickles' ,
			'changetype' : 'replace',
			'expectedErrorCode' : '50' }
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: New Root User: password-reset, alternative root user deleting privilege'
			</message>
			@@ -1632,13 +1600,11 @@
			'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
			'dsInstanceDn' : 'cn=Aroot' ,
			'dsInstancePswd' : 'PrivsRule' ,
			'entryToBeAdded' : '%s/privileges/add_entry_with_new_objclass.ldif' % logsRemoteDataDir }
			'entryToBeAdded' : '%s/privileges/add_entry_with_new_objclass.ldif' % logsRemoteDataDir ,
			'expectedRC' : 65
			}
			</call>

			<if expr="RC != 65">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: New Root User: update-schema, alternative root user removing privilege'
			</message>
			@@ -1667,13 +1633,11 @@
			'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
			'dsInstanceDn' : 'cn=Zroot' ,
			'dsInstancePswd' : 'PrivsRule' ,
			'entryToBeModified' : '%s/privileges/addmozobj.ldif' % logsRemoteDataDir }
			'entryToBeModified' : '%s/privileges/addmozobj.ldif' % logsRemoteDataDir ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 50">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: New Root User: update-schema, alternative root user putting back privilege'
			</message>
			@@ -1842,13 +1806,10 @@
			'attributeName' : 'ds-privilege-name' ,
			'newAttributeValue' : 'modify-acl' ,
			'changetype' : 'add' ,
			'expectedErrorCode' : '50' }
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: New Root User: privilege-change, alternative root user putting back privilege to new root user'
			</message>

			@@ -151,13 +151,11 @@
			'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
			'dsBaseDN' : 'uid=tmorris,ou=People,ou=restore task,o=Privileges Tests,dc=example,dc=com' ,
			'dsFilter' : 'objectclass=*' ,
			'attributes' : 'cn sn uid'}
			'attributes' : 'cn sn uid',
			'expectedRC' : 32
			}
			</call>

			<if expr="RC != 32">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Restore Tasks: backend-restore, Admin adding privilege'
			</message>
			@@ -374,13 +372,11 @@
			'dsInstancePswd' : 'PrivsRule' ,
			'dsBaseDN' : 'uid=tmorris,ou=People,ou=restore task,o=Privileges Tests,dc=example,dc=com' ,
			'dsFilter' : 'objectclass=*' ,
			'attributes' : 'cn sn uid'}
			'attributes' : 'cn sn uid',
			'expectedRC' : 32
			}
			</call>

			<if expr="RC != 32">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Restore Tasks: backend-restore, Directory Manager, alternative root user removing privilege'
			</message>
			@@ -591,13 +587,11 @@
			'dsInstancePswd' : 'PrivsRule' ,
			'dsBaseDN' : 'uid=tmorris,ou=People,ou=restore task,o=Privileges Tests,dc=example,dc=com' ,
			'dsFilter' : 'objectclass=*' ,
			'attributes' : 'cn sn uid'}
			'attributes' : 'cn sn uid',
			'expectedRC' : 32
			}
			</call>

			<if expr="RC != 32">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Restore Tasks: backend-restore, New User Root, alternative root user removing privilege'
			</message>

			@@ -923,13 +923,10 @@
			'attributeName' : 'ds-privilege-name' ,
			'newAttributeValue' : 'bypass-acl' ,
			'changetype' : 'add' ,
			'expectedErrorCode' : '50' }
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: bypass-acl self-modify add, user searching entry'
			</message>
			@@ -1047,14 +1044,11 @@
			'DNToModify' : 'ou=People, o=Privileges Tests, dc=example,dc=com' ,
			'attributeName' : 'aci' ,
			'newAttributeValue' : search_aci ,
			'changetype' : 'add' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'add' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: modify-acl - add aci, Admin adding privilege'
			</message>
			@@ -1086,14 +1080,11 @@
			'DNToModify' : 'ou=People, o=Privileges Tests, dc=example,dc=com' ,
			'attributeName' : 'aci' ,
			'newAttributeValue' : search_aci ,
			'changetype' : 'add' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'add' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: modify-acl - add aci, Admin adding write ACI'
			</message>
			@@ -1171,13 +1162,10 @@
			'DNToModify' : 'ou=People, o=Privileges Tests, dc=example,dc=com' ,
			'attributeName' : 'aci' ,
			'newAttributeValue' : search2_aci ,
			'changetype' : 'add' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'add' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: modify-acl - add aci, Admin deleting write ACI'
			@@ -1233,8 +1221,9 @@
			'DNToModify' : 'uid=scarter, ou=People, o=Privileges Tests, dc=example,dc=com' ,
			'attributeName' : 'aci' ,
			'newAttributeValue' : search3_aci ,
			'changetype' : 'add' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'add' ,
			'expectedRC' : 50
			}
			</call>

			<call function="'checktestRC'">
			@@ -1289,13 +1278,10 @@
			'DNToModify' : 'uid=tmorris, ou=People, o=Privileges Tests, dc=example,dc=com' ,
			'attributeName' : 'aci' ,
			'newAttributeValue' : search_aci ,
			'changetype' : 'replace' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'replace' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: modify-acl - replace aci, Admin adding write ACI'
			@@ -1332,13 +1318,10 @@
			'DNToModify' : 'uid=tmorris, ou=People, o=Privileges Tests, dc=example,dc=com' ,
			'attributeName' : 'aci' ,
			'newAttributeValue' : search_aci ,
			'changetype' : 'replace' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'replace' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: modify-acl - replace aci, Admin adding privilege'
			@@ -1409,13 +1392,10 @@
			'DNToModify' : 'uid=tmorris, ou=People, o=Privileges Tests, dc=example,dc=com' ,
			'attributeName' : 'aci' ,
			'newAttributeValue' : search_aci ,
			'changetype' : 'replace' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'replace' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: modify-acl - replace aci, Admin deleting privilege'
			@@ -1448,8 +1428,9 @@
			'DNToModify' : 'uid=tmorris, ou=People, o=Privileges Tests, dc=example,dc=com' ,
			'attributeName' : 'aci' ,
			'newAttributeValue' : search_aci ,
			'changetype' : 'replace' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'replace' ,
			'expectedRC' : 50
			}
			</call>

			<call function="'checktestRC'">
			@@ -1502,13 +1483,10 @@
			'DNToModify' : 'uid=dmiller, ou=People, o=Privileges Tests, dc=example,dc=com' ,
			'attributeName' : 'aci' ,
			'newAttributeValue' : write_aci_dmiller ,
			'changetype' : 'delete' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'delete' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: modify-acl - delete aci, Admin adding privilege'
			@@ -1541,13 +1519,10 @@
			'DNToModify' : 'uid=dmiller, ou=People, o=Privileges Tests, dc=example,dc=com' ,
			'attributeName' : 'aci' ,
			'newAttributeValue' : write_aci_dmiller ,
			'changetype' : 'delete' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'delete' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: modify-acl - delete aci, Admin adding write ACI'
			@@ -1670,13 +1645,11 @@
			'dsBaseDN' : 'cn=config' ,
			'dsFilter' : 'objectclass=*' ,
			'attributes' : 'ds-cfg-check-schema' ,
			'extraParams' : '-s base' }
			'extraParams' : '-s base' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 50">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: config-read, Admin adding privilege'
			</message>
			@@ -1824,14 +1797,11 @@
			'DNToModify' : 'cn=config' ,
			'attributeName' : 'ds-cfg-check-schema' ,
			'newAttributeValue' : 'true' ,
			'changetype' : 'replace' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'replace' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: config-write, Admin adding privilege'
			</message>
			@@ -1863,14 +1833,11 @@
			'DNToModify' : 'cn=config' ,
			'attributeName' : 'ds-cfg-check-schema' ,
			'newAttributeValue' : 'true' ,
			'changetype' : 'replace' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'replace' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: config-write, Admin adding privilege'
			</message>
			@@ -1902,8 +1869,9 @@
			'DNToModify' : 'cn=config' ,
			'attributeName' : 'ds-cfg-check-schema' ,
			'newAttributeValue' : 'true' ,
			'changetype' : 'replace' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'replace' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			@@ -1983,14 +1951,11 @@
			'DNToModify' : 'cn=config' ,
			'attributeName' : 'ds-cfg-check-schema' ,
			'newAttributeValue' : 'true' ,
			'changetype' : 'replace' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'replace' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: config-write, Admin deleting privilege'
			</message>
			@@ -2022,13 +1987,10 @@
			'DNToModify' : 'cn=config' ,
			'attributeName' : 'ds-cfg-check-schema' ,
			'newAttributeValue' : 'true' ,
			'changetype' : 'replace' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'replace' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: modify-acl - add aci, Admin deleting write ACI'
			@@ -2061,8 +2023,9 @@
			'DNToModify' : 'cn=config' ,
			'attributeName' : 'ds-cfg-check-schema' ,
			'newAttributeValue' : 'true' ,
			'changetype' : 'replace' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'replace' ,
			'expectedRC' : 50
			}
			</call>

			<call function="'checktestRC'">
			@@ -2122,13 +2085,10 @@
			'DNToModify' : 'cn=Access Control Handler,cn=config' ,
			'attributeName' : 'ds-cfg-global-aci' ,
			'newAttributeValue' : global_aci ,
			'changetype' : 'add' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'add' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: config-write - add global aci, Admin adding privilege'
			@@ -2161,14 +2121,11 @@
			'DNToModify' : 'cn=Access Control Handler,cn=config' ,
			'attributeName' : 'ds-cfg-global-aci' ,
			'newAttributeValue' : global_aci ,
			'changetype' : 'add' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'add' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: config-write - add global aci, Admin adding privilege'
			</message>
			@@ -2200,13 +2157,10 @@
			'DNToModify' : 'cn=Access Control Handler,cn=config' ,
			'attributeName' : 'ds-cfg-global-aci' ,
			'newAttributeValue' : global_aci ,
			'changetype' : 'add' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'add' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: config-write - add global aci, Admin adding write ACI'
			@@ -2285,13 +2239,10 @@
			'DNToModify' : 'cn=Access Control Handler,cn=config' ,
			'attributeName' : 'ds-cfg-global-aci' ,
			'newAttributeValue' : global2_aci ,
			'changetype' : 'add' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'add' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: config-write - add global aci, Admin deleting privilege'
			@@ -2324,14 +2275,11 @@
			'DNToModify' : 'cn=Access Control Handler,cn=config' ,
			'attributeName' : 'ds-cfg-global-aci' ,
			'newAttributeValue' : global2_aci ,
			'changetype' : 'add' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'add' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: config-write - add global aci, Admin deleting write ACI'
			</message>
			@@ -2382,8 +2330,9 @@
			'DNToModify' : 'cn=Access Control Handler,cn=config' ,
			'attributeName' : 'ds-cfg-global-aci' ,
			'newAttributeValue' : global2_aci ,
			'changetype' : 'add' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'add' ,
			'expectedRC' : 50
			}
			</call>

			<call function="'checktestRC'">
			@@ -2456,13 +2405,10 @@
			'DNToModify' : 'uid=bhall, ou=People, o=Privileges Tests, dc=example,dc=com' ,
			'attributeName' : 'userpassword' ,
			'newAttributeValue' : 'bananas' ,
			'changetype' : 'replace' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'replace' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: password-reset, Admin adding privilege'
			@@ -2569,8 +2515,9 @@
			'DNToModify' : 'uid=bhall, ou=People, o=Privileges Tests, dc=example,dc=com' ,
			'attributeName' : 'userpassword' ,
			'newAttributeValue' : 'bananas' ,
			'changetype' : 'replace' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'replace' ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 0">
			@@ -2608,8 +2555,9 @@
			'DNToModify' : 'uid=bhall, ou=People, o=Privileges Tests, dc=example,dc=com' ,
			'attributeName' : 'userpassword' ,
			'newAttributeValue' : 'bananas' ,
			'changetype' : 'replace' ,
			'expectedErrorCode' : '50' }
			'changetype' : 'replace' ,
			'expectedRC' : 50
			}
			</call>

			<call function="'checktestRC'">
			@@ -2679,13 +2627,11 @@
			'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
			'dsInstanceDn' : 'uid=auser,o=Privileges Tests,dc=example,dc=com' ,
			'dsInstancePswd' : 'ACIRules' ,
			'entryToBeModified' : '%s/privileges/addmozobj.ldif' % logsRemoteDataDir }
			'entryToBeModified' : '%s/privileges/addmozobj.ldif' % logsRemoteDataDir ,
			'expectedRC' : 50
			}
			</call>

			<if expr="RC != 50">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: update-schema, Admin adding entry that uses new object class'
			</message>
			@@ -2695,13 +2641,11 @@
			'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
			'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
			'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
			'entryToBeAdded' : '%s/privileges/add_entry_with_new_objclass.ldif' % logsRemoteDataDir }
			'entryToBeAdded' : '%s/privileges/add_entry_with_new_objclass.ldif' % logsRemoteDataDir ,
			'expectedRC' : 65
			}
			</call>

			<if expr="RC != 65">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'Privileges: Users: update-schema, Admin adding privilege'
			</message>