external-software/github_OpenIdentityPlatform_OpenDJ.git

parent: 9bca46a0 | patch | commit | show whitespace

Adding functional test cases for Issue 434.

el_kaboing

27.22.2007 3d18a51634ee7745a9976c32df6b1189b7e0e315

Adding functional test cases for Issue 434.

19 files added

1 files modified

	opends/tests/functional-tests/shared/data/aci/aci_startup.ldif	721 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/shared/data/aci/aci_target/aci_handler.ldif	9 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/shared/data/aci/aci_target/add_aci1.ldif	30 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/shared/data/aci/aci_target/add_aci10.ldif	30 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/shared/data/aci/aci_target/add_aci11.ldif	30 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/shared/data/aci/aci_target/add_aci3.ldif	30 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/shared/data/aci/aci_target/add_aci4.ldif	30 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/shared/data/aci/aci_target/add_aci5.ldif	30 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/shared/data/aci/aci_target/add_aci6.ldif	30 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/shared/data/aci/aci_target/add_aci7.ldif	30 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/shared/data/aci/aci_target/add_aci8.ldif	30 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/shared/data/aci/aci_target/add_aci9.ldif	30 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/shared/data/aci/aci_target/add_aci9a.ldif	30 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/shared/data/aci/aci_target/add_entries1.ldif	699 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/shared/data/aci/aci_target/del_aci.ldif	29 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/shared/data/aci/aci_target/del_aci_from_entries.ldif	29 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/testcases/aci/aci.xml	110 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/testcases/aci/aci_setup.xml	104 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/testcases/aci/aci_target.xml	1425 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/functional-tests/testcases/runFuncTests.xml	4 ●●●●● patch \| view \| raw \| blame \| history

 opends/tests/functional-tests/shared/data/aci/aci_startup.ldif

New file
@@ -0,0 +1,721 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying * information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: o=ACI Tests, dc=example,dc=com
o: ACI Tests
objectclass: top
objectclass: organization

dn: ou=People, o=ACI Tests, dc=example,dc=com
objectclass: top
objectclass: organizationalunit
ou: People

dn: uid=auser, ou=People, o=ACI Tests, dc=example,dc=com
cn: Aci User
sn: User
givenname: Aci
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Sunnyvale
uid: auser
mail: auser@example.com
telephonenumber: +1 408 555 4798
facsimiletelephonenumber: +1 408 555 9751
roomnumber: 4612
userpassword: ACIRules

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
objectclass: top
objectclass: organizationalunit
ou: aci branch

dn: ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
objectclass: top
objectclass: organizationalunit
ou: People

dn: uid=scarter, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
cn: Sam Carter
sn: Carter
givenname: Sam
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Sunnyvale
uid: scarter
mail: scarter@example.com
telephonenumber: +1 408 555 4798
facsimiletelephonenumber: +1 408 555 9751
roomnumber: 4612
userpassword: sprain

dn: uid=tmorris, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
cn: Ted Morris
sn: Morris
givenname: Ted
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Santa Clara
uid: tmorris
mail: tmorris@example.com
telephonenumber: +1 408 555 9187
facsimiletelephonenumber: +1 408 555 8473
roomnumber: 4117
userpassword: irrefutable

dn: uid=kvaughan, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
cn: Kirsten Vaughan
sn: Vaughan
givenname: Kirsten
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Sunnyvale
uid: kvaughan
mail: kvaughan@example.com
telephonenumber: +1 408 555 5625
facsimiletelephonenumber: +1 408 555 3372
roomnumber: 2871
userpassword: bribery

dn: uid=abergin, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
cn: Andy Bergin
sn: Bergin
givenname: Andy
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: abergin
mail: abergin@example.com
telephonenumber: +1 408 555 8585
facsimiletelephonenumber: +1 408 555 7472
roomnumber: 3472
userpassword: inflict

dn: uid=dmiller, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
cn: David Miller
sn: Miller
givenname: David
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Sunnyvale
uid: dmiller
mail: dmiller@example.com
telephonenumber: +1 408 555 9423
facsimiletelephonenumber: +1 408 555 0111
roomnumber: 4135
userpassword: gosling

dn: uid=gfarmer, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
cn: Gern Farmer
sn: Farmer
givenname: Gern
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Cupertino
uid: gfarmer
mail: gfarmer@example.com
telephonenumber: +1 408 555 6201
facsimiletelephonenumber: +1 408 555 8473
roomnumber: 1269
userpassword: ruling

dn: uid=kwinters, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
cn: Kelly Winters
sn: Winters
givenname: Kelly
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Development
ou: People
l: Santa Clara
uid: kwinters
mail: kwinters@example.com
telephonenumber: +1 408 555 9069
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 4178
userpassword: forsook

dn: uid=trigden, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
cn: Torrey Rigden
sn: Rigden
givenname: Torrey
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Development
ou: People
l: Santa Clara
uid: trigden
mail: trigden@example.com
telephonenumber: +1 408 555 9280
facsimiletelephonenumber: +1 408 555 8473
roomnumber: 3584
userpassword: sensitive

dn: uid=cschmith, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
cn: Chris Schmith
sn: Schmith
givenname: Chris
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Santa Clara
uid: cschmith
mail: cschmith@example.com
telephonenumber: +1 408 555 8011
facsimiletelephonenumber: +1 408 555 4774
roomnumber: 0416
userpassword: hypotenuse

dn: uid=jwallace, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
cn: Judy Wallace
sn: Wallace
givenname: Judy
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Sunnyvale
uid: jwallace
mail: jwallace@example.com
telephonenumber: +1 408 555 0319
facsimiletelephonenumber: +1 408 555 8473
roomnumber: 1033
userpassword: linear

dn: uid=jcrawler, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
cn: John Crawler
sn: Crawler
givenname: John
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: jcrawler
mail: jcrawler@example.com
telephonenumber: +1 408 555 1476
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 3915
userpassword: dogleg

dn: uid=jsprinter, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
cn: John Sprinter
sn: Sprinter
givenname: John
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: jsprinter
mail: jsprinter@example.com
telephonenumber: +1 408 555 1476
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 3915
userpassword: dogleg

dn: uid=jrunner, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
cn: John Runner
sn: Runner
givenname: John
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: jrunner
mail: jrunner@example.com
telephonenumber: +1 408 555 1476
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 3915
userpassword: dogleg

dn: uid=tclow, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
cn: Torrey Clow
sn: Clow
givenname: Torrey
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Santa Clara
uid: tclow
mail: tclow@example.com
telephonenumber: +1 408 555 8825
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 4376
userpassword: cardreader

dn: uid=rdaugherty, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
cn: Robert Daugherty
sn: Daugherty
givenname: Robert
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Sunnyvale
uid: rdaugherty
mail: rdaugherty@example.com
telephonenumber: +1 408 555 1296
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 0194
userpassword: apples

dn: uid=jreuter, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
cn: Jayne Reuter
sn: Reuter
givenname: Jayne
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: jreuter
mail: jreuter@example.com
telephonenumber: +1 408 555 1122
facsimiletelephonenumber: +1 408 555 8721
roomnumber: 2942
userpassword: destroy

dn: uid=tmason, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
cn: Torrey Mason
sn: Mason
givenname: Torrey
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Sunnyvale
uid: tmason
mail: tmason@example.com
telephonenumber: +1 408 555 1596
facsimiletelephonenumber: +1 408 555 9751
roomnumber: 1124
userpassword: squatted

dn: uid=bhall, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
cn: Benjamin Hall
sn: Hall
givenname: Benjamin
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Development
ou: People
l: Santa Clara
uid: bhall
mail: bhall@example.com
telephonenumber: +1 408 555 6067
facsimiletelephonenumber: +1 408 555 0111
roomnumber: 2511
userpassword: oranges

dn: ou=non-aci branch, o=ACI Tests, dc=example,dc=com
objectclass: top
objectclass: organizationalunit
ou: non-aci branch

dn: ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
objectclass: top
objectclass: organizationalunit
ou: People

dn: uid=scarter, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
cn: Sam Carter
sn: Carter
givenname: Sam
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Sunnyvale
uid: scarter
mail: scarter@example.com
telephonenumber: +1 408 555 4798
facsimiletelephonenumber: +1 408 555 9751
roomnumber: 4612
userpassword: sprain

dn: uid=tmorris, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
cn: Ted Morris
sn: Morris
givenname: Ted
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Santa Clara
uid: tmorris
mail: tmorris@example.com
telephonenumber: +1 408 555 9187
facsimiletelephonenumber: +1 408 555 8473
roomnumber: 4117
userpassword: irrefutable

dn: uid=kvaughan, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
cn: Kirsten Vaughan
sn: Vaughan
givenname: Kirsten
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Sunnyvale
uid: kvaughan
mail: kvaughan@example.com
telephonenumber: +1 408 555 5625
facsimiletelephonenumber: +1 408 555 3372
roomnumber: 2871
userpassword: bribery

dn: uid=abergin, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
cn: Andy Bergin
sn: Bergin
givenname: Andy
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: abergin
mail: abergin@example.com
telephonenumber: +1 408 555 8585
facsimiletelephonenumber: +1 408 555 7472
roomnumber: 3472
userpassword: inflict

dn: uid=dmiller, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
cn: David Miller
sn: Miller
givenname: David
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Sunnyvale
uid: dmiller
mail: dmiller@example.com
telephonenumber: +1 408 555 9423
facsimiletelephonenumber: +1 408 555 0111
roomnumber: 4135
userpassword: gosling

dn: uid=gfarmer, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
cn: Gern Farmer
sn: Farmer
givenname: Gern
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Cupertino
uid: gfarmer
mail: gfarmer@example.com
telephonenumber: +1 408 555 6201
facsimiletelephonenumber: +1 408 555 8473
roomnumber: 1269
userpassword: ruling

dn: uid=kwinters, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
cn: Kelly Winters
sn: Winters
givenname: Kelly
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Development
ou: People
l: Santa Clara
uid: kwinters
mail: kwinters@example.com
telephonenumber: +1 408 555 9069
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 4178
userpassword: forsook

dn: uid=trigden, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
cn: Torrey Rigden
sn: Rigden
givenname: Torrey
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Development
ou: People
l: Santa Clara
uid: trigden
mail: trigden@example.com
telephonenumber: +1 408 555 9280
facsimiletelephonenumber: +1 408 555 8473
roomnumber: 3584
userpassword: sensitive

dn: uid=cschmith, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
cn: Chris Schmith
sn: Schmith
givenname: Chris
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Santa Clara
uid: cschmith
mail: cschmith@example.com
telephonenumber: +1 408 555 8011
facsimiletelephonenumber: +1 408 555 4774
roomnumber: 0416
userpassword: hypotenuse

dn: uid=jwallace, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
cn: Judy Wallace
sn: Wallace
givenname: Judy
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Sunnyvale
uid: jwallace
mail: jwallace@example.com
telephonenumber: +1 408 555 0319
facsimiletelephonenumber: +1 408 555 8473
roomnumber: 1033
userpassword: linear

dn: uid=jcrawler, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
cn: John Crawler
sn: Crawler
givenname: John
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: jcrawler
mail: jcrawler@example.com
telephonenumber: +1 408 555 1476
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 3915
userpassword: dogleg

dn: uid=jsprinter, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
cn: John Sprinter
sn: Sprinter
givenname: John
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: jsprinter
mail: jsprinter@example.com
telephonenumber: +1 408 555 1476
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 3915
userpassword: dogleg

dn: uid=jrunner, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
cn: John Runner
sn: Runner
givenname: John
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: jrunner
mail: jrunner@example.com
telephonenumber: +1 408 555 1476
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 3915
userpassword: dogleg

dn: uid=tclow, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
cn: Torrey Clow
sn: Clow
givenname: Torrey
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Santa Clara
uid: tclow
mail: tclow@example.com
telephonenumber: +1 408 555 8825
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 4376
userpassword: cardreader

dn: uid=rdaugherty, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
cn: Robert Daugherty
sn: Daugherty
givenname: Robert
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Sunnyvale
uid: rdaugherty
mail: rdaugherty@example.com
telephonenumber: +1 408 555 1296
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 0194
userpassword: apples

dn: uid=jreuter, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
cn: Jayne Reuter
sn: Reuter
givenname: Jayne
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: jreuter
mail: jreuter@example.com
telephonenumber: +1 408 555 1122
facsimiletelephonenumber: +1 408 555 8721
roomnumber: 2942
userpassword: destroy

dn: uid=tmason, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
cn: Torrey Mason
sn: Mason
givenname: Torrey
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Sunnyvale
uid: tmason
mail: tmason@example.com
telephonenumber: +1 408 555 1596
facsimiletelephonenumber: +1 408 555 9751
roomnumber: 1124
userpassword: squatted

dn: uid=bhall, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
cn: Benjamin Hall
sn: Hall
givenname: Benjamin
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Development
ou: People
l: Santa Clara
uid: bhall
mail: bhall@example.com
telephonenumber: +1 408 555 6067
facsimiletelephonenumber: +1 408 555 0111
roomnumber: 2511
userpassword: oranges


 opends/tests/functional-tests/shared/data/aci/aci_target/aci_handler.ldif

New file
@@ -0,0 +1,9 @@
dn: cn=Access Control Handler,cn=config
changetype: modify
replace: ds-cfg-acl-handler-class
ds-cfg-acl-handler-class: org.opends.server.authorization.dseecompat.AciProvider
-
replace: ds-cfg-acl-handler-enabled
ds-cfg-acl-handler-enabled: true



 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci1.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying * information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (target="ldap:///ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci1"; allow (read) userdn="ldap:///all";)


 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci10.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying * information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (target="ldap:///ou=People,ou=aci branch, o=ACI Tests, dc=example,dc=com")(target="ldap:///ou=People,ou=non-aci branch, o=ACI Tests, dc=example,dc=com")(version 3.0; acl "add_aci10"; allow (read) userdn="ldap:///all";)


 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci11.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying * information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (targeeeet="ldap:///ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci11"; allow (read) userdn="ldap:///all";)


 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci3.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying * information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (target="ldap:///ou=Peo*,ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci3"; allow (read) userdn="ldap:///all";)


 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci4.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying * information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (target="ldap:///ou=*eople,ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci4"; allow (read) userdn="ldap:///all";)


 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci5.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying * information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (target="ldap:///ou=P*le,ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci5"; allow (read) userdn="ldap:///all";)


 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci6.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying * information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (target="ldap:///ou=Pe*l*,ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci6"; allow (read) userdn="ldap:///all";)


 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci7.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying * information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (target="ldap:///ou=People,ou=aci branch, o=ACI Tests, dc=exam*,dc=com")(targetattr="*")(version 3.0; acl "add_aci7"; allow (read) userdn="ldap:///all";)


 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci8.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying * information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (target="ldap:///self")(targetattr="*")(version 3.0; acl "add_aci8"; allow (read) userdn="ldap:///all";)


 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci9.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying * information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (target="ldap:///o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci9"; allow (read) userdn="ldap:///all";)


 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci9a.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying * information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (target="ldap:///ou=People,ou=aci branch,o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci9a"; allow (read) userdn="ldap:///all";)


 opends/tests/functional-tests/shared/data/aci/aci_target/add_entries1.ldif

New file
@@ -0,0 +1,699 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying * information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: o=More Branches,o=ACI Tests, dc=example,dc=com
objectclass: top
objectclass: organization
o: More Branches

dn: ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
objectclass: top
objectclass: organizationalunit
ou: new aci branch
aci: (target="ldap:///ou=new aci branch, o=More Branches, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_entries1"; allow (read) userdn="ldap:///all";)

dn: ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
objectclass: top
objectclass: organizationalunit
ou: People

dn: uid=scarter, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Sam Carter
sn: Carter
givenname: Sam
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Sunnyvale
uid: scarter
mail: scarter@example.com
telephonenumber: +1 408 555 4798
facsimiletelephonenumber: +1 408 555 9751
roomnumber: 4612
userpassword: sprain

dn: uid=tmorris, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Ted Morris
sn: Morris
givenname: Ted
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Santa Clara
uid: tmorris
mail: tmorris@example.com
telephonenumber: +1 408 555 9187
facsimiletelephonenumber: +1 408 555 8473
roomnumber: 4117
userpassword: irrefutable

dn: uid=kvaughan, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Kirsten Vaughan
sn: Vaughan
givenname: Kirsten
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Sunnyvale
uid: kvaughan
mail: kvaughan@example.com
telephonenumber: +1 408 555 5625
facsimiletelephonenumber: +1 408 555 3372
roomnumber: 2871
userpassword: bribery

dn: uid=abergin, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Andy Bergin
sn: Bergin
givenname: Andy
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: abergin
mail: abergin@example.com
telephonenumber: +1 408 555 8585
facsimiletelephonenumber: +1 408 555 7472
roomnumber: 3472
userpassword: inflict

dn: uid=dmiller, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: David Miller
sn: Miller
givenname: David
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Sunnyvale
uid: dmiller
mail: dmiller@example.com
telephonenumber: +1 408 555 9423
facsimiletelephonenumber: +1 408 555 0111
roomnumber: 4135
userpassword: gosling

dn: uid=gfarmer, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Gern Farmer
sn: Farmer
givenname: Gern
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Cupertino
uid: gfarmer
mail: gfarmer@example.com
telephonenumber: +1 408 555 6201
facsimiletelephonenumber: +1 408 555 8473
roomnumber: 1269
userpassword: ruling

dn: uid=kwinters, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Kelly Winters
sn: Winters
givenname: Kelly
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Development
ou: People
l: Santa Clara
uid: kwinters
mail: kwinters@example.com
telephonenumber: +1 408 555 9069
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 4178
userpassword: forsook

dn: uid=trigden, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Torrey Rigden
sn: Rigden
givenname: Torrey
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Development
ou: People
l: Santa Clara
uid: trigden
mail: trigden@example.com
telephonenumber: +1 408 555 9280
facsimiletelephonenumber: +1 408 555 8473
roomnumber: 3584
userpassword: sensitive

dn: uid=cschmith, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Chris Schmith
sn: Schmith
givenname: Chris
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Santa Clara
uid: cschmith
mail: cschmith@example.com
telephonenumber: +1 408 555 8011
facsimiletelephonenumber: +1 408 555 4774
roomnumber: 0416
userpassword: hypotenuse

dn: uid=jwallace, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Judy Wallace
sn: Wallace
givenname: Judy
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Sunnyvale
uid: jwallace
mail: jwallace@example.com
telephonenumber: +1 408 555 0319
facsimiletelephonenumber: +1 408 555 8473
roomnumber: 1033
userpassword: linear

dn: uid=jcrawler, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: John Crawler
sn: Crawler
givenname: John
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: jcrawler
mail: jcrawler@example.com
telephonenumber: +1 408 555 1476
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 3915
userpassword: dogleg

dn: uid=jsprinter, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: John Sprinter
sn: Sprinter
givenname: John
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: jsprinter
mail: jsprinter@example.com
telephonenumber: +1 408 555 1476
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 3915
userpassword: dogleg

dn: uid=jrunner, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: John Runner
sn: Runner
givenname: John
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: jrunner
mail: jrunner@example.com
telephonenumber: +1 408 555 1476
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 3915
userpassword: dogleg

dn: uid=tclow, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Torrey Clow
sn: Clow
givenname: Torrey
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Santa Clara
uid: tclow
mail: tclow@example.com
telephonenumber: +1 408 555 8825
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 4376
userpassword: cardreader

dn: uid=rdaugherty, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Robert Daugherty
sn: Daugherty
givenname: Robert
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Sunnyvale
uid: rdaugherty
mail: rdaugherty@example.com
telephonenumber: +1 408 555 1296
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 0194
userpassword: apples

dn: uid=jreuter, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Jayne Reuter
sn: Reuter
givenname: Jayne
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: jreuter
mail: jreuter@example.com
telephonenumber: +1 408 555 1122
facsimiletelephonenumber: +1 408 555 8721
roomnumber: 2942
userpassword: destroy

dn: uid=tmason, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Torrey Mason
sn: Mason
givenname: Torrey
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Sunnyvale
uid: tmason
mail: tmason@example.com
telephonenumber: +1 408 555 1596
facsimiletelephonenumber: +1 408 555 9751
roomnumber: 1124
userpassword: squatted

dn: uid=bhall, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Benjamin Hall
sn: Hall
givenname: Benjamin
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Development
ou: People
l: Santa Clara
uid: bhall
mail: bhall@example.com
telephonenumber: +1 408 555 6067
facsimiletelephonenumber: +1 408 555 0111
roomnumber: 2511
userpassword: oranges

dn: ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
objectclass: top
objectclass: organizationalunit
ou: new non-aci branch

dn: ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
objectclass: top
objectclass: organizationalunit
ou: People

dn: uid=scarter, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Sam Carter
sn: Carter
givenname: Sam
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Sunnyvale
uid: scarter
mail: scarter@example.com
telephonenumber: +1 408 555 4798
facsimiletelephonenumber: +1 408 555 9751
roomnumber: 4612
userpassword: sprain

dn: uid=tmorris, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Ted Morris
sn: Morris
givenname: Ted
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Santa Clara
uid: tmorris
mail: tmorris@example.com
telephonenumber: +1 408 555 9187
facsimiletelephonenumber: +1 408 555 8473
roomnumber: 4117
userpassword: irrefutable

dn: uid=kvaughan, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Kirsten Vaughan
sn: Vaughan
givenname: Kirsten
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Sunnyvale
uid: kvaughan
mail: kvaughan@example.com
telephonenumber: +1 408 555 5625
facsimiletelephonenumber: +1 408 555 3372
roomnumber: 2871
userpassword: bribery

dn: uid=abergin, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Andy Bergin
sn: Bergin
givenname: Andy
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: abergin
mail: abergin@example.com
telephonenumber: +1 408 555 8585
facsimiletelephonenumber: +1 408 555 7472
roomnumber: 3472
userpassword: inflict

dn: uid=dmiller, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: David Miller
sn: Miller
givenname: David
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Sunnyvale
uid: dmiller
mail: dmiller@example.com
telephonenumber: +1 408 555 9423
facsimiletelephonenumber: +1 408 555 0111
roomnumber: 4135
userpassword: gosling

dn: uid=gfarmer, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Gern Farmer
sn: Farmer
givenname: Gern
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Cupertino
uid: gfarmer
mail: gfarmer@example.com
telephonenumber: +1 408 555 6201
facsimiletelephonenumber: +1 408 555 8473
roomnumber: 1269
userpassword: ruling

dn: uid=kwinters, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Kelly Winters
sn: Winters
givenname: Kelly
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Development
ou: People
l: Santa Clara
uid: kwinters
mail: kwinters@example.com
telephonenumber: +1 408 555 9069
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 4178
userpassword: forsook

dn: uid=trigden, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Torrey Rigden
sn: Rigden
givenname: Torrey
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Development
ou: People
l: Santa Clara
uid: trigden
mail: trigden@example.com
telephonenumber: +1 408 555 9280
facsimiletelephonenumber: +1 408 555 8473
roomnumber: 3584
userpassword: sensitive

dn: uid=cschmith, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Chris Schmith
sn: Schmith
givenname: Chris
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Santa Clara
uid: cschmith
mail: cschmith@example.com
telephonenumber: +1 408 555 8011
facsimiletelephonenumber: +1 408 555 4774
roomnumber: 0416
userpassword: hypotenuse

dn: uid=jwallace, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Judy Wallace
sn: Wallace
givenname: Judy
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Accounting
ou: People
l: Sunnyvale
uid: jwallace
mail: jwallace@example.com
telephonenumber: +1 408 555 0319
facsimiletelephonenumber: +1 408 555 8473
roomnumber: 1033
userpassword: linear

dn: uid=jcrawler, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: John Crawler
sn: Crawler
givenname: John
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: jcrawler
mail: jcrawler@example.com
telephonenumber: +1 408 555 1476
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 3915
userpassword: dogleg

dn: uid=jsprinter, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: John Sprinter
sn: Sprinter
givenname: John
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: jsprinter
mail: jsprinter@example.com
telephonenumber: +1 408 555 1476
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 3915
userpassword: dogleg

dn: uid=jrunner, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: John Runner
sn: Runner
givenname: John
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: jrunner
mail: jrunner@example.com
telephonenumber: +1 408 555 1476
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 3915
userpassword: dogleg

dn: uid=tclow, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Torrey Clow
sn: Clow
givenname: Torrey
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Santa Clara
uid: tclow
mail: tclow@example.com
telephonenumber: +1 408 555 8825
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 4376
userpassword: cardreader

dn: uid=rdaugherty, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Robert Daugherty
sn: Daugherty
givenname: Robert
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Sunnyvale
uid: rdaugherty
mail: rdaugherty@example.com
telephonenumber: +1 408 555 1296
facsimiletelephonenumber: +1 408 555 1992
roomnumber: 0194
userpassword: apples

dn: uid=jreuter, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Jayne Reuter
sn: Reuter
givenname: Jayne
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Testing
ou: People
l: Cupertino
uid: jreuter
mail: jreuter@example.com
telephonenumber: +1 408 555 1122
facsimiletelephonenumber: +1 408 555 8721
roomnumber: 2942
userpassword: destroy

dn: uid=tmason, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Torrey Mason
sn: Mason
givenname: Torrey
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Sunnyvale
uid: tmason
mail: tmason@example.com
telephonenumber: +1 408 555 1596
facsimiletelephonenumber: +1 408 555 9751
roomnumber: 1124
userpassword: squatted

dn: uid=bhall, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
cn: Benjamin Hall
sn: Hall
givenname: Benjamin
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Product Development
ou: People
l: Santa Clara
uid: bhall
mail: bhall@example.com
telephonenumber: +1 408 555 6067
facsimiletelephonenumber: +1 408 555 0111
roomnumber: 2511
userpassword: oranges


 opends/tests/functional-tests/shared/data/aci/aci_target/del_aci.ldif

New file
@@ -0,0 +1,29 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying * information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
delete: aci


 opends/tests/functional-tests/shared/data/aci/aci_target/del_aci_from_entries.ldif

New file
@@ -0,0 +1,29 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying * information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=new aci branch,o=More Branches, o=ACI Tests, dc=example,dc=com
changetype: modify
delete: aci


 opends/tests/functional-tests/testcases/aci/aci.xml

New file
@@ -0,0 +1,110 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE stax SYSTEM "stax.dtd">
<!--
 ! CDDL HEADER START
 !
 ! The contents of this file are subject to the terms of the
 ! Common Development and Distribution License, Version 1.0 only
 ! (the "License").  You may not use this file except in compliance
 ! with the License.
 !
 ! You can obtain a copy of the license at
 ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
 ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
 ! See the License for the specific language governing permissions
 ! and limitations under the License.
 !
 ! When distributing Covered Code, include this CDDL HEADER in each
 ! file and include the License file at
 ! trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
 ! add the following below this CDDL HEADER, with the fields enclosed
 ! by brackets "[]" replaced with your own identifying * information:
 !      Portions Copyright [yyyy] [name of copyright owner]
 !
 ! CDDL HEADER END
 !
 !      Portions Copyright 2006-2007 Sun Microsystems, Inc.
 ! -->
<stax>

  <defaultcall function="main_aci"/>

  <function name="main_aci">

      <sequence>

        <call function="'testSuite_Preamble'"/>
        
        <parallel>
                
          <block name="'Block DS Process Active'">
      
            <!--- Start DS -->
            <sequence>
              <message>
                 'Start DS to run on port %s' % (DIRECTORY_INSTANCE_PORT)
              </message>
      
              <!--- Start DS -->
              <call function="'startDS'">
                { 'dsbinpath' : '%s' % (OPENDS_BINPATH) }
              </call>
      
              <call function="'checkRC'">
                  { 'returncode' : RC ,
                    'result'     : STAXResult }
              </call>
      
            </sequence>
      
           <!--- End Block DS Process Active -->
           </block>
      
           <block name="'Block Clients'">
      
            <sequence>
      
              <!--- Check that DS started -->
              <call function="'isAlive'">
                { 'noOfLoops'        : 5 ,
                  'noOfMilliSeconds' : 2000 }
              </call>
      
              <import machine="'%s' % (STAF_LOCAL_HOSTNAME)"
                file="'%s/testcases/aci/aci_setup.xml' % (TESTS_DIR)"/>
              <call function="'aci_setup'" />
      
              <import machine="'%s' % (STAF_LOCAL_HOSTNAME)"
                file="'%s/testcases/aci/aci_target.xml' % (TESTS_DIR)"/>
              <call function="'aci_target'" />
      
              <!--- Stop DS -->
              <sequence>
                <message>
                   'Stop DS running on port %s' % (DIRECTORY_INSTANCE_PORT)
                </message>
      
                <call function="'stopDS'">
                  { 'dsInstancePort' : '%s' % (DIRECTORY_INSTANCE_PORT) }
                </call>
      
                <call function="'checkRC'">
                    { 'returncode' : RC ,
                      'result'     : STAXResult }
                </call>
              </sequence>
      
              </sequence>
      
              <!--- End Block Clients -->
              </block>
    
          </parallel>

        <call function="'testSuite_Postamble'"/>
        
     </sequence>

  </function>

</stax>

 opends/tests/functional-tests/testcases/aci/aci_setup.xml

New file
@@ -0,0 +1,104 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE stax SYSTEM "stax.dtd">
<!--
 ! CDDL HEADER START
 !
 ! The contents of this file are subject to the terms of the
 ! Common Development and Distribution License, Version 1.0 only
 ! (the "License").  You may not use this file except in compliance
 ! with the License.
 !
 ! You can obtain a copy of the license at
 ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
 ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
 ! See the License for the specific language governing permissions
 ! and limitations under the License.
 !
 ! When distributing Covered Code, include this CDDL HEADER in each
 ! file and include the License file at
 ! trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
 ! add the following below this CDDL HEADER, with the fields enclosed
 ! by brackets "[]" replaced with your own identifying * information:
 !      Portions Copyright [yyyy] [name of copyright owner]
 !
 ! CDDL HEADER END
 !
 !      Portions Copyright 2007 Sun Microsystems, Inc.
 ! -->
<stax>

  <defaultcall function="aci_setup"/>

  <function name="aci_setup">
      <!---
            Place group-specific test information here.
            #@TestGroupName             ACI
            #@TestGroupPurpose          To test the ACI functionality.
            
            Place suite-specific test information here.
            #@TestSuiteName             ACI Setup Tests
            #@TestSuitePurpose          Configure OpenDS to test ACI functionality.
            #@TestSuiteGroup            ACI Setup Tests
            #@TestScript                aci_setup.xml
      -->
      <sequence>

       <!--- Test Case : Add Entries for ACI Tests -->
       <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                ACI Setup Tests
            #@TestName                  ACI Startup Test 
            #@TestIssue                 none
            #@TestPurpose               Add entries that are needed for the ACI tests.
            #@TestPreamble              none
            #@TestStep                  Add entries with ldapmodify.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0 for all operations
        -->
        <testcase name="'ACI: ACI Setup: Add Initial Entries'">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'ACI: ACI Setup: Adding Initial Entries'
            </message>

            <call function="'addEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeAdded'   : '%s/aci/aci_startup.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 0">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: ACI Setup: Enabling ACI'
            </message>

            <call function="'modifyEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeModified'   : '%s/aci/aci_target/aci_handler.ldif' % STAGED_DATA_DIR }
            </call>

            <call function="'checktestRC'">
                { 'returncode' : RC ,
                  'result'     : STAXResult }
            </call>
            
            <call function="'testCase_Postamble'"/>
            
          </sequence>
        </testcase>

     </sequence>

  </function>

</stax>

 opends/tests/functional-tests/testcases/aci/aci_target.xml

New file
@@ -0,0 +1,1425 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE stax SYSTEM "stax.dtd">
<!--
 ! CDDL HEADER START
 !
 ! The contents of this file are subject to the terms of the
 ! Common Development and Distribution License, Version 1.0 only
 ! (the "License").  You may not use this file except in compliance
 ! with the License.
 !
 ! You can obtain a copy of the license at
 ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
 ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
 ! See the License for the specific language governing permissions
 ! and limitations under the License.
 !
 ! When distributing Covered Code, include this CDDL HEADER in each
 ! file and include the License file at
 ! trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
 ! add the following below this CDDL HEADER, with the fields enclosed
 ! by brackets "[]" replaced with your own identifying * information:
 !      Portions Copyright [yyyy] [name of copyright owner]
 !
 ! CDDL HEADER END
 !
 !      Portions Copyright 2007 Sun Microsystems, Inc.
 ! -->
<stax>

  <defaultcall function="aci_target"/>

  <function name="aci_target">
      <!---
            Place suite-specific test information here.
            #@TestSuiteName             ACI Target Tests
            #@TestSuitePurpose          Test the basic ACI Target Support. (targetattr="*" and allow(read)) 
            #@TestSuiteGroup            Basic ACI Target Tests
            #@TestScript                aci_target.xml
      -->
      <sequence>

      <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                ACI Target Tests
            #@TestName                  Preamble
            #@TestIssue                 434
            #@TestPurpose               Test default aci settings
            #@TestPreamble              none
            #@TestStep                  Client searches entry with a branch dn.
            #@TestStep                  Client searches entry with another branch dn.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0
                                        and no entries are returned 
                                        for all operations.
        -->
      <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
      <!-- cross reference to DS6 docs -->
        <testcase name="'ACI: Target: Preamble'">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'ACI: Target: Preamble - existing branch, user searching entry that will be targeted in future tests'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'       : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'searchStringForSubstring'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <if expr="returnCode != '0'">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Preamble - existing branch, user searching entry that will be non-targeted in future tests'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=non-aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'       : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'checktestStringNotPresent'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=non-aci branch,o=ACI Tests' }
            </call>
            
            <call function="'testCase_Postamble'"/>

          </sequence>
        </testcase>

      
        <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                ACI Target Tests
            #@TestName                  Target equals dn 
            #@TestIssue                 434
            #@TestPurpose               Test with the target set equal to a dn
            #@TestPreamble              Admin adds an aci with the target equal to the dn of one existing branch.
            #@TestStep                  Client searches entry with the targeted branch dn.
            #@TestStep                  Client searches entry that is not with the targeted branch dn.
            #@TestStep                  Remove aci.
            #@TestStep                  Client searches entry with the previously targeted branch dn.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0
                                        for all ldap operations, and
                                        and entry is returned only for step 1.
        -->
      <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
      <!-- cross reference to DS6 docs -->
        <testcase name="'ACI: Target: Target Equals DN'">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'ACI: Target: Target Equals DN, preamble adding aci'
            </message>

            <call function="'modifyEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeModified'   : '%s/aci/aci_target/add_aci1.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 0">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN, user searching targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'      : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'searchStringForSubstring'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <if expr="returnCode != '1'">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN, user searching non-targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=non-aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'       : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'searchStringForSubstring'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <if expr="returnCode != '0'">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN, admin deleting aci'
            </message>

            <call function="'modifyEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeModified'   : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 0">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN, user searching previously targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'      : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'checktestStringNotPresent'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <call function="'testCase_Postamble'"/>

          </sequence>
        </testcase>

      <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                ACI Target Tests
            #@TestName                  Target equals dn - new branch
            #@TestIssue                 434
            #@TestPurpose               Test with the target set equal to a dn - new branch
            #@TestPreamble              Admin adds entries under two branches, one with an aci with the target equal to the dn of one branch.
            #@TestStep                  Client searches entry with the targeted branch dn.
            #@TestStep                  Client searches entry that is not with the targeted branch dn.
            #@TestStep                  Remove aci.
            #@TestStep                  Client searches entry with the previously targeted branch dn.
            #@TestPostamble             Admin removes branches.
            #@TestResult                Success if OpenDS returns 0
                                        for all ldap operations, and
                                        and entry is returned only for step 1.
        -->
      <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
      <!-- cross reference to DS6 docs -->
      
        <testcase name="'ACI: Target: Target Equals DN - new branch'">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'ACI: Target: Target Equals DN - new branch, preamble adding entries'
            </message>

            <call function="'addEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeAdded'   : '%s/aci/aci_target/add_entries1.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 0">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN - new branch, user searching targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=new aci branch,o=More Branches,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  }
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'searchStringForSubstring'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=new aci branch,o=More Branches,o=ACI Tests' }
            </call>
            
            <if expr="returnCode != '1'">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN - new branch, user searching non-targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=new non-aci branch,o=More Branches,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  }
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'searchStringForSubstring'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=new non-aci branch,o=More Branches,o=ACI Tests' }
            </call>
            
            <if expr="returnCode != '0'">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN - new branch, admin deleting aci'
            </message>

            <call function="'modifyEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeModified'   : '%s/aci/aci_target/del_aci_from_entries.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 0">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN - new branch, user searching previously targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=new aci branch,o=More Branches,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  }
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'searchStringForSubstring'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=new aci branch,o=More Branches,o=ACI Tests' }
            </call>
            
            <if expr="returnCode != '0'">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN - new branch, postamble admin deleting new entries'
            </message>

            <call function="'DeleteEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'dsBaseDN'         : 'o=More Branches,o=ACI Tests,dc=example,dc=com' ,
                'extraParams'      : '-x'}
            </call>

            <call function="'checktestRC'">
                { 'returncode' : RC ,
                  'result'     : STAXResult }
            </call>

            <call function="'testCase_Postamble'"/>

          </sequence>
        </testcase>

         <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                ACI Target Tests
            #@TestName                  Target equals dn with trailing wildcard
            #@TestIssue                 434
            #@TestPurpose               Test with the target set equal to a dn with a trailing wildcard
            #@TestPreamble              Admin adds an aci with the target equal to the dn with a trailing wildcard.
            #@TestStep                  Client searches entry with the targeted branch dn.
            #@TestStep                  Client searches entry that is not with the targeted branch dn.
            #@TestStep                  Remove aci.
            #@TestStep                  Client searches entry with the previously targeted branch dn.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0
                                        for all ldap operations, and
                                        and entry is returned only for step 1.
        -->
      <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
      <!-- cross reference to DS6 docs -->
        <testcase name="'ACI: Target: Target Equals DN With Trailing Wildcard'">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'ACI: Target: Target Equals DN with trailing wildcard, preamble adding aci'
            </message>

            <call function="'modifyEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeModified'   : '%s/aci/aci_target/add_aci3.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 0">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN with trailing wildcard, user searching targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'       : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'searchStringForSubstring'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <if expr="returnCode != '1'">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN with trailing wildcard, user searching non-targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=non-aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'      : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'searchStringForSubstring'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <if expr="returnCode != '0'">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN with trailing wildcard, admin deleting aci'
            </message>

            <call function="'modifyEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeModified'   : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 0">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN with trailing wildcard, user searching previously targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'      : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'checktestStringNotPresent'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <call function="'testCase_Postamble'"/>

          </sequence>
        </testcase>

         <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                ACI Target Tests
            #@TestName                  Target equals dn with leading wildcard
            #@TestIssue                 434
            #@TestPurpose               Test with the target set equal to a dn with leading wildcard
            #@TestPreamble              Admin adds an aci with the target equal to the dn with a leading wildcard.
            #@TestStep                  Client searches entry with the targeted branch dn.
            #@TestStep                  Client searches entry that is not with the targeted branch dn.
            #@TestStep                  Remove aci.
            #@TestStep                  Client searches entry with the previously targeted branch dn.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0
                                        for all ldap operations, and
                                        and entry is returned only for step 1.
        -->
      <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
      <!-- cross reference to DS6 docs -->
        <testcase name="'ACI: Target: Target Equals DN With Leading Wildcard'">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'ACI: Target: Target Equals DN with leading wildcard, preamble adding aci'
            </message>

            <call function="'modifyEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeModified'   : '%s/aci/aci_target/add_aci4.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 0">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN with leading wildcard, user searching targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'       : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'searchStringForSubstring'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <if expr="returnCode != '1'">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN with leading wildcard, user searching non-targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=non-aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'      : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'searchStringForSubstring'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <if expr="returnCode != '0'">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN with leading wildcard, admin deleting aci'
            </message>

            <call function="'modifyEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeModified'   : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 0">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN with leading wildcard, user searching previously targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'      : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'checktestStringNotPresent'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <call function="'testCase_Postamble'"/>

          </sequence>
        </testcase>

         <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                ACI Target Tests
            #@TestName                  Target equals dn with internal wildcard
            #@TestIssue                 434
            #@TestPurpose               Test with the target set equal to a dn with an internal wildcard
            #@TestPreamble              Admin adds an aci with the target equal to the dn with an internal wildcard.
            #@TestStep                  Client searches entry with the targeted branch dn.
            #@TestStep                  Client searches entry that is not with the targeted branch dn.
            #@TestStep                  Remove aci.
            #@TestStep                  Client searches entry with the previously targeted branch dn.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0
                                        for all ldap operations, and
                                        and entry is returned only for step 1.
        -->
      <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
      <!-- cross reference to DS6 docs -->
        <testcase name="'ACI: Target: Target Equals DN With Internal Wildcard'">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'ACI: Target: Target Equals DN with internal wildcard, preamble adding aci'
            </message>

            <call function="'modifyEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeModified'   : '%s/aci/aci_target/add_aci5.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 0">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN with internal wildcard, user searching targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'       : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'searchStringForSubstring'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <if expr="returnCode != '1'">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN with internal wildcard, user searching non-targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=non-aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'       : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'searchStringForSubstring'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <if expr="returnCode != '0'">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN with internal wildcard, admin deleting aci'
            </message>

            <call function="'modifyEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeModified'   : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 0">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN with internal wildcard, user searching previously targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'      : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'checktestStringNotPresent'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <call function="'testCase_Postamble'"/>

          </sequence>
        </testcase>

         <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                ACI Target Tests
            #@TestName                  Target equals dn with multiple wildcards
            #@TestIssue                 434
            #@TestPurpose               Test with the target set equal to a dn with multiple wildcards
            #@TestPreamble              Admin adds an aci with the target equal to the dn with multiple wildcards.
            #@TestStep                  Client searches entry with the targeted branch dn.
            #@TestStep                  Client searches entry that is not with the targeted branch dn.
            #@TestStep                  Remove aci.
            #@TestStep                  Client searches entry with the previously targeted branch dn.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0
                                        for all ldap operations, and
                                        and entry is returned only for step 1.
        -->
      <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
      <!-- cross reference to DS6 docs -->
        <testcase name="'ACI: Target: Target Equals DN With Multiple Wildcards'">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'ACI: Target: Target Equals DN with multiple wildcards, preamble adding aci'
            </message>

            <call function="'modifyEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeModified'   : '%s/aci/aci_target/add_aci6.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 0">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN with multiple wildcards, user searching targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'       : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'searchStringForSubstring'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <if expr="returnCode != '1'">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN with multiple wildcards, user searching non-targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=non-aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'       : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'searchStringForSubstring'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <if expr="returnCode != '0'">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN with multiple wildcards, admin deleting aci'
            </message>

            <call function="'modifyEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeModified'   : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 0">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN with multiple wildcards, user searching previously targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'       : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'checktestStringNotPresent'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <call function="'testCase_Postamble'"/>

          </sequence>
        </testcase>

      <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                ACI Target Tests
            #@TestName                  Target contains keyword self
            #@TestIssue                 434
            #@TestPurpose               Test if target can contain the keyword self
            #@TestPreamble              none
            #@TestStep                  Admin adds an aci that contains the keyword
                                        self to an existing entry
            #@TestStep                  Admin checks if aci was added.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 50, 
                                        and the aci has not been added.
        -->
        <!-- cross reference to syntax.ksh Test Case 1 -->
        <testcase name="'ACI: Target: Target Equals DN With Keyword self'">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'ACI: Target: Target Equals DN With Keyword self - add aci'
            </message>

            <call function="'modifyEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeModified'   : '%s/aci/aci_target/add_aci8.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 50">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN With Keyword self - check aci'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'dsBaseDN'         : 'ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'extraParams'      : '-s base' ,
                'attributes'       : 'aci' }
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'checktestStringNotPresent'">
                { 'returnString'       : returnString ,
                  'testString'         : 'aci:' }
            </call>
            
            <call function="'testCase_Postamble'"/>          
          </sequence>
        </testcase>
      
        <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                ACI Target Tests
            #@TestName                  Target set to a dn above the entry
            #@TestIssue                 434
            #@TestPurpose               Test if the target can contain a DN above the
                                        level of the entry
            #@TestPreamble              none
            #@TestStep                  Client adds an aci to its entry
                                        that has a DN above the entry's level.
            #@TestStep                  Admin checks if aci was added.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 50, 
                                        and the aci has not been added.
        -->
        <!-- cross reference to syntax.ksh Test Case 2 -->
        <testcase name="'ACI: Target: Target Equals DN Above Entry'">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'ACI: Target: Target Equals DN Above Entry - add aci'
            </message>

            <call function="'modifyEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeModified'   : '%s/aci/aci_target/add_aci9.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 50">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN Above Entry - check aci'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'dsBaseDN'         : 'ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'extraParams'      : '-s base' ,
                'attributes'       : 'aci' }
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'checktestStringNotPresent'">
                { 'returnString'       : returnString ,
                  'testString'         : 'aci:' }
            </call>
            
            <call function="'testCase_Postamble'"/>          
          </sequence>
        </testcase>
      
        <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                ACI Target Tests
            #@TestName                  Target set to a dn below the entry
            #@TestIssue                 434
            #@TestPurpose               Test if the target can contain a DN above the
                                        level of the entry
            #@TestPreamble              none
            #@TestStep                  Client adds an aci to its entry
                                        that has a DN below the entry's level.
            #@TestStep                  Admin checks if aci was added.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0
                                        for all ldap operations, and
                                        and entry is returned only for step 1.
        -->
        <!-- cross reference to syntax.ksh Test Case 2 -->
        <testcase name="'ACI: Target: Target Equals DN Below Entry'">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'ACI: Target: Target Equals DN Below Entry - add aci'
            </message>

            <call function="'modifyEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeModified'   : '%s/aci/aci_target/add_aci9a.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 0">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN Below Entry, user searching targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'       : 'cn sn uid' }
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'searchStringForSubstring'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <if expr="returnCode != '1'">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN Below Entry, user searching non-targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=non-aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'       : 'cn sn uid' }
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'searchStringForSubstring'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <if expr="returnCode != '0'">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN Below Entry, admin deleting aci'
            </message>

            <call function="'modifyEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeModified'   : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 0">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Target Equals DN Below Entry, user searching previously targeted entry'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'      : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'checktestStringNotPresent'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <call function="'testCase_Postamble'"/>

          </sequence>
        </testcase>
      
        <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                ACI Target Tests
            #@TestName                  Multiple targets
            #@TestIssue                 434
            #@TestPurpose               Test if an aci is allowed to contain multiple targets
            #@TestPreamble              none
            #@TestStep                  Admin adds an aci to an existing entry
                                        that has multiple targets
            #@TestStep                  Admin checks if aci was added.
            #@TestStep                  Client searches entry with the targeted dn.
            #@TestStep                  Client searches entry with a non-targeted dn.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 50, 
                                        and the aci has not been added.
        -->
        <!-- cross reference to syntax.ksh Test Case 3 -->
        <testcase name="'ACI: Target: Multiple Targets'">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'ACI: Target: Multiple Targets - add aci'
            </message>

            <call function="'modifyEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeModified'   : '%s/aci/aci_target/add_aci10.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 50">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Multiple Targets - check aci'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'dsBaseDN'         : 'ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'extraParams'      : '-s base' ,
                'attributes'       : 'aci' }
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'checktestStringNotPresent'">
                { 'returnString'       : returnString ,
                  'testString'         : 'aci:' }
            </call>
            
            <call function="'testCase_Postamble'"/>          
          </sequence>
        </testcase>
      
        <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                ACI Target Tests
            #@TestName                  Target with mispelled keyword target
            #@TestIssue                 434
            #@TestPurpose               Test if an aci is allowed that contains the keyword target misspelled
            #@TestPreamble              none
            #@TestStep                  Admin adds an aci to an existing entry
                                        that has the keyword target misspelled
            #@TestStep                  Admin checks if aci was added.
            #@TestStep                  Client searches entry with the targeted dn.
            #@TestStep                  Client searches entry with a non-targeted dn.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 50, 
                                        and the aci has not been added.
        -->
        <!-- cross reference to syntax.ksh Test Case 13 -->
        <testcase name="'ACI: Target: Keyword Target Misspelled'">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'ACI: Target: Keyword Target Misspelled - add aci'
            </message>

            <call function="'modifyEntry'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'entryToBeModified'   : '%s/aci/aci_target/add_aci11.ldif' % STAGED_DATA_DIR }
            </call>

            <if expr="RC != 50">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Keyword Target Misspelled - check aci'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'dsBaseDN'         : 'ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'extraParams'      : '-s base' ,
                'attributes'       : 'aci' }
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'checktestStringNotPresent'">
                { 'returnString'       : returnString ,
                  'testString'         : 'aci:' }
            </call>
            
            <call function="'testCase_Postamble'"/>          
          </sequence>
        </testcase>
 
      <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                ACI Target Tests
            #@TestName                  Postamble
            #@TestIssue                 434
            #@TestPurpose               Test default aci settings
            #@TestPreamble              none
            #@TestStep                  Client searches entry with a branch dn.
            #@TestStep                  Client searches entry with another branch dn.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0
                                        and no entries are returned 
                                        for all operations.
        -->
      <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
      <!-- cross reference to DS6 docs -->
        <testcase name="'ACI: Target: Postamble'">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'ACI: Target: Postamble - existing branch, user searching entry that was targeted in past tests'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'       : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'searchStringForSubstring'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
            </call>
            
            <if expr="returnCode != '0'">
                <tcstatus result="'fail'"/>
            </if>

            <message>
               'ACI: Target: Postamble - existing branch, user searching entry that was non-targeted in past tests'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'ACIRules' ,
                'dsBaseDN'         : 'uid=scarter,ou=People,ou=non-aci branch,o=ACI Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'       : 'cn sn uid'}
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'checktestStringNotPresent'">
                { 'returnString'       : returnString ,
                  'testString'         : 'dn: uid=scarter,ou=People,ou=non-aci branch,o=ACI Tests' }
            </call>
            
            <call function="'testCase_Postamble'"/>

          </sequence>
        </testcase>

       </sequence>

  </function>

</stax>

 opends/tests/functional-tests/testcases/runFuncTests.xml

@@ -107,6 +107,10 @@
      <call function="'main_security'" />

      <import machine="'%s' % (STAF_LOCAL_HOSTNAME)"
        file="'%s/testcases/aci/aci.xml' % (TESTS_DIR)" />
      <call function="'main_aci'" />

      <import machine="'%s' % (STAF_LOCAL_HOSTNAME)"
        file="'%s/testcases/backends/backends.xml' % (TESTS_DIR)" />
      <call function="'main_backends'" />

New file
			@@ -0,0 +1,721 @@
			# CDDL HEADER START
			#
			# The contents of this file are subject to the terms of the
			# Common Development and Distribution License, Version 1.0 only
			# (the "License"). You may not use this file except in compliance
			# with the License.
			#
			# You can obtain a copy of the license at
			# trunk/opends/resource/legal-notices/OpenDS.LICENSE
			# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
			# See the License for the specific language governing permissions
			# and limitations under the License.
			#
			# When distributing Covered Code, include this CDDL HEADER in each
			# file and include the License file at
			# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
			# add the following below this CDDL HEADER, with the fields enclosed
			# by brackets "[]" replaced with your own identifying * information:
			# Portions Copyright [yyyy] [name of copyright owner]
			#
			# CDDL HEADER END
			#
			# Portions Copyright 2007 Sun Microsystems, Inc.
			#

			dn: o=ACI Tests, dc=example,dc=com
			o: ACI Tests
			objectclass: top
			objectclass: organization

			dn: ou=People, o=ACI Tests, dc=example,dc=com
			objectclass: top
			objectclass: organizationalunit
			ou: People

			dn: uid=auser, ou=People, o=ACI Tests, dc=example,dc=com
			cn: Aci User
			sn: User
			givenname: Aci
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Sunnyvale
			uid: auser
			mail: auser@example.com
			telephonenumber: +1 408 555 4798
			facsimiletelephonenumber: +1 408 555 9751
			roomnumber: 4612
			userpassword: ACIRules

			dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
			objectclass: top
			objectclass: organizationalunit
			ou: aci branch

			dn: ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			objectclass: top
			objectclass: organizationalunit
			ou: People

			dn: uid=scarter, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			cn: Sam Carter
			sn: Carter
			givenname: Sam
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Sunnyvale
			uid: scarter
			mail: scarter@example.com
			telephonenumber: +1 408 555 4798
			facsimiletelephonenumber: +1 408 555 9751
			roomnumber: 4612
			userpassword: sprain

			dn: uid=tmorris, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			cn: Ted Morris
			sn: Morris
			givenname: Ted
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Santa Clara
			uid: tmorris
			mail: tmorris@example.com
			telephonenumber: +1 408 555 9187
			facsimiletelephonenumber: +1 408 555 8473
			roomnumber: 4117
			userpassword: irrefutable

			dn: uid=kvaughan, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			cn: Kirsten Vaughan
			sn: Vaughan
			givenname: Kirsten
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Sunnyvale
			uid: kvaughan
			mail: kvaughan@example.com
			telephonenumber: +1 408 555 5625
			facsimiletelephonenumber: +1 408 555 3372
			roomnumber: 2871
			userpassword: bribery

			dn: uid=abergin, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			cn: Andy Bergin
			sn: Bergin
			givenname: Andy
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: abergin
			mail: abergin@example.com
			telephonenumber: +1 408 555 8585
			facsimiletelephonenumber: +1 408 555 7472
			roomnumber: 3472
			userpassword: inflict

			dn: uid=dmiller, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			cn: David Miller
			sn: Miller
			givenname: David
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Sunnyvale
			uid: dmiller
			mail: dmiller@example.com
			telephonenumber: +1 408 555 9423
			facsimiletelephonenumber: +1 408 555 0111
			roomnumber: 4135
			userpassword: gosling

			dn: uid=gfarmer, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			cn: Gern Farmer
			sn: Farmer
			givenname: Gern
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Cupertino
			uid: gfarmer
			mail: gfarmer@example.com
			telephonenumber: +1 408 555 6201
			facsimiletelephonenumber: +1 408 555 8473
			roomnumber: 1269
			userpassword: ruling

			dn: uid=kwinters, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			cn: Kelly Winters
			sn: Winters
			givenname: Kelly
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Development
			ou: People
			l: Santa Clara
			uid: kwinters
			mail: kwinters@example.com
			telephonenumber: +1 408 555 9069
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 4178
			userpassword: forsook

			dn: uid=trigden, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			cn: Torrey Rigden
			sn: Rigden
			givenname: Torrey
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Development
			ou: People
			l: Santa Clara
			uid: trigden
			mail: trigden@example.com
			telephonenumber: +1 408 555 9280
			facsimiletelephonenumber: +1 408 555 8473
			roomnumber: 3584
			userpassword: sensitive

			dn: uid=cschmith, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			cn: Chris Schmith
			sn: Schmith
			givenname: Chris
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Santa Clara
			uid: cschmith
			mail: cschmith@example.com
			telephonenumber: +1 408 555 8011
			facsimiletelephonenumber: +1 408 555 4774
			roomnumber: 0416
			userpassword: hypotenuse

			dn: uid=jwallace, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			cn: Judy Wallace
			sn: Wallace
			givenname: Judy
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Sunnyvale
			uid: jwallace
			mail: jwallace@example.com
			telephonenumber: +1 408 555 0319
			facsimiletelephonenumber: +1 408 555 8473
			roomnumber: 1033
			userpassword: linear

			dn: uid=jcrawler, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			cn: John Crawler
			sn: Crawler
			givenname: John
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: jcrawler
			mail: jcrawler@example.com
			telephonenumber: +1 408 555 1476
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 3915
			userpassword: dogleg

			dn: uid=jsprinter, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			cn: John Sprinter
			sn: Sprinter
			givenname: John
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: jsprinter
			mail: jsprinter@example.com
			telephonenumber: +1 408 555 1476
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 3915
			userpassword: dogleg

			dn: uid=jrunner, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			cn: John Runner
			sn: Runner
			givenname: John
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: jrunner
			mail: jrunner@example.com
			telephonenumber: +1 408 555 1476
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 3915
			userpassword: dogleg

			dn: uid=tclow, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			cn: Torrey Clow
			sn: Clow
			givenname: Torrey
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Santa Clara
			uid: tclow
			mail: tclow@example.com
			telephonenumber: +1 408 555 8825
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 4376
			userpassword: cardreader

			dn: uid=rdaugherty, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			cn: Robert Daugherty
			sn: Daugherty
			givenname: Robert
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Sunnyvale
			uid: rdaugherty
			mail: rdaugherty@example.com
			telephonenumber: +1 408 555 1296
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 0194
			userpassword: apples

			dn: uid=jreuter, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			cn: Jayne Reuter
			sn: Reuter
			givenname: Jayne
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: jreuter
			mail: jreuter@example.com
			telephonenumber: +1 408 555 1122
			facsimiletelephonenumber: +1 408 555 8721
			roomnumber: 2942
			userpassword: destroy

			dn: uid=tmason, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			cn: Torrey Mason
			sn: Mason
			givenname: Torrey
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Sunnyvale
			uid: tmason
			mail: tmason@example.com
			telephonenumber: +1 408 555 1596
			facsimiletelephonenumber: +1 408 555 9751
			roomnumber: 1124
			userpassword: squatted

			dn: uid=bhall, ou=People, ou=aci branch, o=ACI Tests, dc=example,dc=com
			cn: Benjamin Hall
			sn: Hall
			givenname: Benjamin
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Development
			ou: People
			l: Santa Clara
			uid: bhall
			mail: bhall@example.com
			telephonenumber: +1 408 555 6067
			facsimiletelephonenumber: +1 408 555 0111
			roomnumber: 2511
			userpassword: oranges

			dn: ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			objectclass: top
			objectclass: organizationalunit
			ou: non-aci branch

			dn: ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			objectclass: top
			objectclass: organizationalunit
			ou: People

			dn: uid=scarter, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			cn: Sam Carter
			sn: Carter
			givenname: Sam
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Sunnyvale
			uid: scarter
			mail: scarter@example.com
			telephonenumber: +1 408 555 4798
			facsimiletelephonenumber: +1 408 555 9751
			roomnumber: 4612
			userpassword: sprain

			dn: uid=tmorris, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			cn: Ted Morris
			sn: Morris
			givenname: Ted
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Santa Clara
			uid: tmorris
			mail: tmorris@example.com
			telephonenumber: +1 408 555 9187
			facsimiletelephonenumber: +1 408 555 8473
			roomnumber: 4117
			userpassword: irrefutable

			dn: uid=kvaughan, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			cn: Kirsten Vaughan
			sn: Vaughan
			givenname: Kirsten
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Sunnyvale
			uid: kvaughan
			mail: kvaughan@example.com
			telephonenumber: +1 408 555 5625
			facsimiletelephonenumber: +1 408 555 3372
			roomnumber: 2871
			userpassword: bribery

			dn: uid=abergin, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			cn: Andy Bergin
			sn: Bergin
			givenname: Andy
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: abergin
			mail: abergin@example.com
			telephonenumber: +1 408 555 8585
			facsimiletelephonenumber: +1 408 555 7472
			roomnumber: 3472
			userpassword: inflict

			dn: uid=dmiller, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			cn: David Miller
			sn: Miller
			givenname: David
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Sunnyvale
			uid: dmiller
			mail: dmiller@example.com
			telephonenumber: +1 408 555 9423
			facsimiletelephonenumber: +1 408 555 0111
			roomnumber: 4135
			userpassword: gosling

			dn: uid=gfarmer, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			cn: Gern Farmer
			sn: Farmer
			givenname: Gern
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Cupertino
			uid: gfarmer
			mail: gfarmer@example.com
			telephonenumber: +1 408 555 6201
			facsimiletelephonenumber: +1 408 555 8473
			roomnumber: 1269
			userpassword: ruling

			dn: uid=kwinters, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			cn: Kelly Winters
			sn: Winters
			givenname: Kelly
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Development
			ou: People
			l: Santa Clara
			uid: kwinters
			mail: kwinters@example.com
			telephonenumber: +1 408 555 9069
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 4178
			userpassword: forsook

			dn: uid=trigden, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			cn: Torrey Rigden
			sn: Rigden
			givenname: Torrey
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Development
			ou: People
			l: Santa Clara
			uid: trigden
			mail: trigden@example.com
			telephonenumber: +1 408 555 9280
			facsimiletelephonenumber: +1 408 555 8473
			roomnumber: 3584
			userpassword: sensitive

			dn: uid=cschmith, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			cn: Chris Schmith
			sn: Schmith
			givenname: Chris
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Santa Clara
			uid: cschmith
			mail: cschmith@example.com
			telephonenumber: +1 408 555 8011
			facsimiletelephonenumber: +1 408 555 4774
			roomnumber: 0416
			userpassword: hypotenuse

			dn: uid=jwallace, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			cn: Judy Wallace
			sn: Wallace
			givenname: Judy
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Sunnyvale
			uid: jwallace
			mail: jwallace@example.com
			telephonenumber: +1 408 555 0319
			facsimiletelephonenumber: +1 408 555 8473
			roomnumber: 1033
			userpassword: linear

			dn: uid=jcrawler, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			cn: John Crawler
			sn: Crawler
			givenname: John
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: jcrawler
			mail: jcrawler@example.com
			telephonenumber: +1 408 555 1476
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 3915
			userpassword: dogleg

			dn: uid=jsprinter, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			cn: John Sprinter
			sn: Sprinter
			givenname: John
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: jsprinter
			mail: jsprinter@example.com
			telephonenumber: +1 408 555 1476
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 3915
			userpassword: dogleg

			dn: uid=jrunner, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			cn: John Runner
			sn: Runner
			givenname: John
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: jrunner
			mail: jrunner@example.com
			telephonenumber: +1 408 555 1476
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 3915
			userpassword: dogleg

			dn: uid=tclow, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			cn: Torrey Clow
			sn: Clow
			givenname: Torrey
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Santa Clara
			uid: tclow
			mail: tclow@example.com
			telephonenumber: +1 408 555 8825
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 4376
			userpassword: cardreader

			dn: uid=rdaugherty, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			cn: Robert Daugherty
			sn: Daugherty
			givenname: Robert
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Sunnyvale
			uid: rdaugherty
			mail: rdaugherty@example.com
			telephonenumber: +1 408 555 1296
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 0194
			userpassword: apples

			dn: uid=jreuter, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			cn: Jayne Reuter
			sn: Reuter
			givenname: Jayne
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: jreuter
			mail: jreuter@example.com
			telephonenumber: +1 408 555 1122
			facsimiletelephonenumber: +1 408 555 8721
			roomnumber: 2942
			userpassword: destroy

			dn: uid=tmason, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			cn: Torrey Mason
			sn: Mason
			givenname: Torrey
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Sunnyvale
			uid: tmason
			mail: tmason@example.com
			telephonenumber: +1 408 555 1596
			facsimiletelephonenumber: +1 408 555 9751
			roomnumber: 1124
			userpassword: squatted

			dn: uid=bhall, ou=People, ou=non-aci branch, o=ACI Tests, dc=example,dc=com
			cn: Benjamin Hall
			sn: Hall
			givenname: Benjamin
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Development
			ou: People
			l: Santa Clara
			uid: bhall
			mail: bhall@example.com
			telephonenumber: +1 408 555 6067
			facsimiletelephonenumber: +1 408 555 0111
			roomnumber: 2511
			userpassword: oranges

New file
			@@ -0,0 +1,9 @@
			dn: cn=Access Control Handler,cn=config
			changetype: modify
			replace: ds-cfg-acl-handler-class
			ds-cfg-acl-handler-class: org.opends.server.authorization.dseecompat.AciProvider
			-
			replace: ds-cfg-acl-handler-enabled
			ds-cfg-acl-handler-enabled: true

New file
			@@ -0,0 +1,30 @@
			# CDDL HEADER START
			#
			# The contents of this file are subject to the terms of the
			# Common Development and Distribution License, Version 1.0 only
			# (the "License"). You may not use this file except in compliance
			# with the License.
			#
			# You can obtain a copy of the license at
			# trunk/opends/resource/legal-notices/OpenDS.LICENSE
			# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
			# See the License for the specific language governing permissions
			# and limitations under the License.
			#
			# When distributing Covered Code, include this CDDL HEADER in each
			# file and include the License file at
			# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
			# add the following below this CDDL HEADER, with the fields enclosed
			# by brackets "[]" replaced with your own identifying * information:
			# Portions Copyright [yyyy] [name of copyright owner]
			#
			# CDDL HEADER END
			#
			# Portions Copyright 2007 Sun Microsystems, Inc.
			#

			dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
			changetype: modify
			add: aci
			aci: (target="ldap:///ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci1"; allow (read) userdn="ldap:///all";)

New file
			@@ -0,0 +1,699 @@
			# CDDL HEADER START
			#
			# The contents of this file are subject to the terms of the
			# Common Development and Distribution License, Version 1.0 only
			# (the "License"). You may not use this file except in compliance
			# with the License.
			#
			# You can obtain a copy of the license at
			# trunk/opends/resource/legal-notices/OpenDS.LICENSE
			# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
			# See the License for the specific language governing permissions
			# and limitations under the License.
			#
			# When distributing Covered Code, include this CDDL HEADER in each
			# file and include the License file at
			# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
			# add the following below this CDDL HEADER, with the fields enclosed
			# by brackets "[]" replaced with your own identifying * information:
			# Portions Copyright [yyyy] [name of copyright owner]
			#
			# CDDL HEADER END
			#
			# Portions Copyright 2007 Sun Microsystems, Inc.
			#

			dn: o=More Branches,o=ACI Tests, dc=example,dc=com
			objectclass: top
			objectclass: organization
			o: More Branches

			dn: ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			objectclass: top
			objectclass: organizationalunit
			ou: new aci branch
			aci: (target="ldap:///ou=new aci branch, o=More Branches, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_entries1"; allow (read) userdn="ldap:///all";)

			dn: ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			objectclass: top
			objectclass: organizationalunit
			ou: People

			dn: uid=scarter, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Sam Carter
			sn: Carter
			givenname: Sam
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Sunnyvale
			uid: scarter
			mail: scarter@example.com
			telephonenumber: +1 408 555 4798
			facsimiletelephonenumber: +1 408 555 9751
			roomnumber: 4612
			userpassword: sprain

			dn: uid=tmorris, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Ted Morris
			sn: Morris
			givenname: Ted
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Santa Clara
			uid: tmorris
			mail: tmorris@example.com
			telephonenumber: +1 408 555 9187
			facsimiletelephonenumber: +1 408 555 8473
			roomnumber: 4117
			userpassword: irrefutable

			dn: uid=kvaughan, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Kirsten Vaughan
			sn: Vaughan
			givenname: Kirsten
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Sunnyvale
			uid: kvaughan
			mail: kvaughan@example.com
			telephonenumber: +1 408 555 5625
			facsimiletelephonenumber: +1 408 555 3372
			roomnumber: 2871
			userpassword: bribery

			dn: uid=abergin, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Andy Bergin
			sn: Bergin
			givenname: Andy
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: abergin
			mail: abergin@example.com
			telephonenumber: +1 408 555 8585
			facsimiletelephonenumber: +1 408 555 7472
			roomnumber: 3472
			userpassword: inflict

			dn: uid=dmiller, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: David Miller
			sn: Miller
			givenname: David
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Sunnyvale
			uid: dmiller
			mail: dmiller@example.com
			telephonenumber: +1 408 555 9423
			facsimiletelephonenumber: +1 408 555 0111
			roomnumber: 4135
			userpassword: gosling

			dn: uid=gfarmer, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Gern Farmer
			sn: Farmer
			givenname: Gern
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Cupertino
			uid: gfarmer
			mail: gfarmer@example.com
			telephonenumber: +1 408 555 6201
			facsimiletelephonenumber: +1 408 555 8473
			roomnumber: 1269
			userpassword: ruling

			dn: uid=kwinters, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Kelly Winters
			sn: Winters
			givenname: Kelly
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Development
			ou: People
			l: Santa Clara
			uid: kwinters
			mail: kwinters@example.com
			telephonenumber: +1 408 555 9069
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 4178
			userpassword: forsook

			dn: uid=trigden, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Torrey Rigden
			sn: Rigden
			givenname: Torrey
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Development
			ou: People
			l: Santa Clara
			uid: trigden
			mail: trigden@example.com
			telephonenumber: +1 408 555 9280
			facsimiletelephonenumber: +1 408 555 8473
			roomnumber: 3584
			userpassword: sensitive

			dn: uid=cschmith, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Chris Schmith
			sn: Schmith
			givenname: Chris
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Santa Clara
			uid: cschmith
			mail: cschmith@example.com
			telephonenumber: +1 408 555 8011
			facsimiletelephonenumber: +1 408 555 4774
			roomnumber: 0416
			userpassword: hypotenuse

			dn: uid=jwallace, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Judy Wallace
			sn: Wallace
			givenname: Judy
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Sunnyvale
			uid: jwallace
			mail: jwallace@example.com
			telephonenumber: +1 408 555 0319
			facsimiletelephonenumber: +1 408 555 8473
			roomnumber: 1033
			userpassword: linear

			dn: uid=jcrawler, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: John Crawler
			sn: Crawler
			givenname: John
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: jcrawler
			mail: jcrawler@example.com
			telephonenumber: +1 408 555 1476
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 3915
			userpassword: dogleg

			dn: uid=jsprinter, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: John Sprinter
			sn: Sprinter
			givenname: John
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: jsprinter
			mail: jsprinter@example.com
			telephonenumber: +1 408 555 1476
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 3915
			userpassword: dogleg

			dn: uid=jrunner, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: John Runner
			sn: Runner
			givenname: John
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: jrunner
			mail: jrunner@example.com
			telephonenumber: +1 408 555 1476
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 3915
			userpassword: dogleg

			dn: uid=tclow, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Torrey Clow
			sn: Clow
			givenname: Torrey
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Santa Clara
			uid: tclow
			mail: tclow@example.com
			telephonenumber: +1 408 555 8825
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 4376
			userpassword: cardreader

			dn: uid=rdaugherty, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Robert Daugherty
			sn: Daugherty
			givenname: Robert
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Sunnyvale
			uid: rdaugherty
			mail: rdaugherty@example.com
			telephonenumber: +1 408 555 1296
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 0194
			userpassword: apples

			dn: uid=jreuter, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Jayne Reuter
			sn: Reuter
			givenname: Jayne
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: jreuter
			mail: jreuter@example.com
			telephonenumber: +1 408 555 1122
			facsimiletelephonenumber: +1 408 555 8721
			roomnumber: 2942
			userpassword: destroy

			dn: uid=tmason, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Torrey Mason
			sn: Mason
			givenname: Torrey
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Sunnyvale
			uid: tmason
			mail: tmason@example.com
			telephonenumber: +1 408 555 1596
			facsimiletelephonenumber: +1 408 555 9751
			roomnumber: 1124
			userpassword: squatted

			dn: uid=bhall, ou=People, ou=new aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Benjamin Hall
			sn: Hall
			givenname: Benjamin
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Development
			ou: People
			l: Santa Clara
			uid: bhall
			mail: bhall@example.com
			telephonenumber: +1 408 555 6067
			facsimiletelephonenumber: +1 408 555 0111
			roomnumber: 2511
			userpassword: oranges

			dn: ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			objectclass: top
			objectclass: organizationalunit
			ou: new non-aci branch

			dn: ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			objectclass: top
			objectclass: organizationalunit
			ou: People

			dn: uid=scarter, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Sam Carter
			sn: Carter
			givenname: Sam
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Sunnyvale
			uid: scarter
			mail: scarter@example.com
			telephonenumber: +1 408 555 4798
			facsimiletelephonenumber: +1 408 555 9751
			roomnumber: 4612
			userpassword: sprain

			dn: uid=tmorris, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Ted Morris
			sn: Morris
			givenname: Ted
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Santa Clara
			uid: tmorris
			mail: tmorris@example.com
			telephonenumber: +1 408 555 9187
			facsimiletelephonenumber: +1 408 555 8473
			roomnumber: 4117
			userpassword: irrefutable

			dn: uid=kvaughan, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Kirsten Vaughan
			sn: Vaughan
			givenname: Kirsten
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Sunnyvale
			uid: kvaughan
			mail: kvaughan@example.com
			telephonenumber: +1 408 555 5625
			facsimiletelephonenumber: +1 408 555 3372
			roomnumber: 2871
			userpassword: bribery

			dn: uid=abergin, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Andy Bergin
			sn: Bergin
			givenname: Andy
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: abergin
			mail: abergin@example.com
			telephonenumber: +1 408 555 8585
			facsimiletelephonenumber: +1 408 555 7472
			roomnumber: 3472
			userpassword: inflict

			dn: uid=dmiller, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: David Miller
			sn: Miller
			givenname: David
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Sunnyvale
			uid: dmiller
			mail: dmiller@example.com
			telephonenumber: +1 408 555 9423
			facsimiletelephonenumber: +1 408 555 0111
			roomnumber: 4135
			userpassword: gosling

			dn: uid=gfarmer, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Gern Farmer
			sn: Farmer
			givenname: Gern
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Cupertino
			uid: gfarmer
			mail: gfarmer@example.com
			telephonenumber: +1 408 555 6201
			facsimiletelephonenumber: +1 408 555 8473
			roomnumber: 1269
			userpassword: ruling

			dn: uid=kwinters, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Kelly Winters
			sn: Winters
			givenname: Kelly
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Development
			ou: People
			l: Santa Clara
			uid: kwinters
			mail: kwinters@example.com
			telephonenumber: +1 408 555 9069
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 4178
			userpassword: forsook

			dn: uid=trigden, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Torrey Rigden
			sn: Rigden
			givenname: Torrey
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Development
			ou: People
			l: Santa Clara
			uid: trigden
			mail: trigden@example.com
			telephonenumber: +1 408 555 9280
			facsimiletelephonenumber: +1 408 555 8473
			roomnumber: 3584
			userpassword: sensitive

			dn: uid=cschmith, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Chris Schmith
			sn: Schmith
			givenname: Chris
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Santa Clara
			uid: cschmith
			mail: cschmith@example.com
			telephonenumber: +1 408 555 8011
			facsimiletelephonenumber: +1 408 555 4774
			roomnumber: 0416
			userpassword: hypotenuse

			dn: uid=jwallace, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Judy Wallace
			sn: Wallace
			givenname: Judy
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Accounting
			ou: People
			l: Sunnyvale
			uid: jwallace
			mail: jwallace@example.com
			telephonenumber: +1 408 555 0319
			facsimiletelephonenumber: +1 408 555 8473
			roomnumber: 1033
			userpassword: linear

			dn: uid=jcrawler, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: John Crawler
			sn: Crawler
			givenname: John
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: jcrawler
			mail: jcrawler@example.com
			telephonenumber: +1 408 555 1476
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 3915
			userpassword: dogleg

			dn: uid=jsprinter, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: John Sprinter
			sn: Sprinter
			givenname: John
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: jsprinter
			mail: jsprinter@example.com
			telephonenumber: +1 408 555 1476
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 3915
			userpassword: dogleg

			dn: uid=jrunner, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: John Runner
			sn: Runner
			givenname: John
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: jrunner
			mail: jrunner@example.com
			telephonenumber: +1 408 555 1476
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 3915
			userpassword: dogleg

			dn: uid=tclow, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Torrey Clow
			sn: Clow
			givenname: Torrey
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Santa Clara
			uid: tclow
			mail: tclow@example.com
			telephonenumber: +1 408 555 8825
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 4376
			userpassword: cardreader

			dn: uid=rdaugherty, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Robert Daugherty
			sn: Daugherty
			givenname: Robert
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Sunnyvale
			uid: rdaugherty
			mail: rdaugherty@example.com
			telephonenumber: +1 408 555 1296
			facsimiletelephonenumber: +1 408 555 1992
			roomnumber: 0194
			userpassword: apples

			dn: uid=jreuter, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Jayne Reuter
			sn: Reuter
			givenname: Jayne
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Testing
			ou: People
			l: Cupertino
			uid: jreuter
			mail: jreuter@example.com
			telephonenumber: +1 408 555 1122
			facsimiletelephonenumber: +1 408 555 8721
			roomnumber: 2942
			userpassword: destroy

			dn: uid=tmason, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Torrey Mason
			sn: Mason
			givenname: Torrey
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Human Resources
			ou: People
			l: Sunnyvale
			uid: tmason
			mail: tmason@example.com
			telephonenumber: +1 408 555 1596
			facsimiletelephonenumber: +1 408 555 9751
			roomnumber: 1124
			userpassword: squatted

			dn: uid=bhall, ou=People, ou=new non-aci branch, o=More Branches,o=ACI Tests, dc=example,dc=com
			cn: Benjamin Hall
			sn: Hall
			givenname: Benjamin
			objectclass: top
			objectclass: person
			objectclass: organizationalPerson
			objectclass: inetOrgPerson
			ou: Product Development
			ou: People
			l: Santa Clara
			uid: bhall
			mail: bhall@example.com
			telephonenumber: +1 408 555 6067
			facsimiletelephonenumber: +1 408 555 0111
			roomnumber: 2511
			userpassword: oranges

New file
			@@ -0,0 +1,29 @@
			# CDDL HEADER START
			#
			# The contents of this file are subject to the terms of the
			# Common Development and Distribution License, Version 1.0 only
			# (the "License"). You may not use this file except in compliance
			# with the License.
			#
			# You can obtain a copy of the license at
			# trunk/opends/resource/legal-notices/OpenDS.LICENSE
			# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
			# See the License for the specific language governing permissions
			# and limitations under the License.
			#
			# When distributing Covered Code, include this CDDL HEADER in each
			# file and include the License file at
			# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
			# add the following below this CDDL HEADER, with the fields enclosed
			# by brackets "[]" replaced with your own identifying * information:
			# Portions Copyright [yyyy] [name of copyright owner]
			#
			# CDDL HEADER END
			#
			# Portions Copyright 2007 Sun Microsystems, Inc.
			#

			dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
			changetype: modify
			delete: aci

New file
			@@ -0,0 +1,110 @@
			<?xml version="1.0" encoding="UTF-8" standalone="no"?>
			<!DOCTYPE stax SYSTEM "stax.dtd">
			<!--
			! CDDL HEADER START
			!
			! The contents of this file are subject to the terms of the
			! Common Development and Distribution License, Version 1.0 only
			! (the "License"). You may not use this file except in compliance
			! with the License.
			!
			! You can obtain a copy of the license at
			! trunk/opends/resource/legal-notices/OpenDS.LICENSE
			! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
			! See the License for the specific language governing permissions
			! and limitations under the License.
			!
			! When distributing Covered Code, include this CDDL HEADER in each
			! file and include the License file at
			! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
			! add the following below this CDDL HEADER, with the fields enclosed
			! by brackets "[]" replaced with your own identifying * information:
			! Portions Copyright [yyyy] [name of copyright owner]
			!
			! CDDL HEADER END
			!
			! Portions Copyright 2006-2007 Sun Microsystems, Inc.
			! -->
			<stax>

			<defaultcall function="main_aci"/>

			<function name="main_aci">

			<sequence>

			<call function="'testSuite_Preamble'"/>

			<parallel>

			<block name="'Block DS Process Active'">

			<!--- Start DS -->
			<sequence>
			<message>
			'Start DS to run on port %s' % (DIRECTORY_INSTANCE_PORT)
			</message>

			<!--- Start DS -->
			<call function="'startDS'">
			{ 'dsbinpath' : '%s' % (OPENDS_BINPATH) }
			</call>

			<call function="'checkRC'">
			{ 'returncode' : RC ,
			'result' : STAXResult }
			</call>

			</sequence>

			<!--- End Block DS Process Active -->
			</block>

			<block name="'Block Clients'">

			<sequence>

			<!--- Check that DS started -->
			<call function="'isAlive'">
			{ 'noOfLoops' : 5 ,
			'noOfMilliSeconds' : 2000 }
			</call>

			<import machine="'%s' % (STAF_LOCAL_HOSTNAME)"
			file="'%s/testcases/aci/aci_setup.xml' % (TESTS_DIR)"/>
			<call function="'aci_setup'" />

			<import machine="'%s' % (STAF_LOCAL_HOSTNAME)"
			file="'%s/testcases/aci/aci_target.xml' % (TESTS_DIR)"/>
			<call function="'aci_target'" />

			<!--- Stop DS -->
			<sequence>
			<message>
			'Stop DS running on port %s' % (DIRECTORY_INSTANCE_PORT)
			</message>

			<call function="'stopDS'">
			{ 'dsInstancePort' : '%s' % (DIRECTORY_INSTANCE_PORT) }
			</call>

			<call function="'checkRC'">
			{ 'returncode' : RC ,
			'result' : STAXResult }
			</call>
			</sequence>

			</sequence>

			<!--- End Block Clients -->
			</block>

			</parallel>

			<call function="'testSuite_Postamble'"/>

			</sequence>

			</function>

			</stax>

New file
			@@ -0,0 +1,104 @@
			<?xml version="1.0" encoding="UTF-8" standalone="no"?>
			<!DOCTYPE stax SYSTEM "stax.dtd">
			<!--
			! CDDL HEADER START
			!
			! The contents of this file are subject to the terms of the
			! Common Development and Distribution License, Version 1.0 only
			! (the "License"). You may not use this file except in compliance
			! with the License.
			!
			! You can obtain a copy of the license at
			! trunk/opends/resource/legal-notices/OpenDS.LICENSE
			! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
			! See the License for the specific language governing permissions
			! and limitations under the License.
			!
			! When distributing Covered Code, include this CDDL HEADER in each
			! file and include the License file at
			! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
			! add the following below this CDDL HEADER, with the fields enclosed
			! by brackets "[]" replaced with your own identifying * information:
			! Portions Copyright [yyyy] [name of copyright owner]
			!
			! CDDL HEADER END
			!
			! Portions Copyright 2007 Sun Microsystems, Inc.
			! -->
			<stax>

			<defaultcall function="aci_setup"/>

			<function name="aci_setup">
			<!---
			Place group-specific test information here.
			#@TestGroupName ACI
			#@TestGroupPurpose To test the ACI functionality.

			Place suite-specific test information here.
			#@TestSuiteName ACI Setup Tests
			#@TestSuitePurpose Configure OpenDS to test ACI functionality.
			#@TestSuiteGroup ACI Setup Tests
			#@TestScript aci_setup.xml
			-->
			<sequence>

			<!--- Test Case : Add Entries for ACI Tests -->
			<!---
			Place test-specific test information here.
			The tag, TestMarker, must be the same as the tag, TestSuiteName.
			#@TestMarker ACI Setup Tests
			#@TestName ACI Startup Test
			#@TestIssue none
			#@TestPurpose Add entries that are needed for the ACI tests.
			#@TestPreamble none
			#@TestStep Add entries with ldapmodify.
			#@TestPostamble none
			#@TestResult Success if OpenDS returns 0 for all operations
			-->
			<testcase name="'ACI: ACI Setup: Add Initial Entries'">
			<sequence>
			<call function="'testCase_Preamble'"/>
			<message>
			'ACI: ACI Setup: Adding Initial Entries'
			</message>

			<call function="'addEntry'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
			'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
			'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
			'entryToBeAdded' : '%s/aci/aci_startup.ldif' % STAGED_DATA_DIR }
			</call>

			<if expr="RC != 0">
			<tcstatus result="'fail'"/>
			</if>

			<message>
			'ACI: ACI Setup: Enabling ACI'
			</message>

			<call function="'modifyEntry'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
			'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
			'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
			'entryToBeModified' : '%s/aci/aci_target/aci_handler.ldif' % STAGED_DATA_DIR }
			</call>

			<call function="'checktestRC'">
			{ 'returncode' : RC ,
			'result' : STAXResult }
			</call>

			<call function="'testCase_Postamble'"/>

			</sequence>
			</testcase>

			</sequence>

			</function>

			</stax>

			@@ -107,6 +107,10 @@
			<call function="'main_security'" />

			<import machine="'%s' % (STAF_LOCAL_HOSTNAME)"
			file="'%s/testcases/aci/aci.xml' % (TESTS_DIR)" />
			<call function="'main_aci'" />

			<import machine="'%s' % (STAF_LOCAL_HOSTNAME)"
			file="'%s/testcases/backends/backends.xml' % (TESTS_DIR)" />
			<call function="'main_backends'" />