if !gotBuckets.Equals(shouldHaveBuckets) {
		c.Fatalf("root user should have access to all buckets")
	}

	// This must fail.
	if err := userAdmClient.AddUser(ctx, globalActiveCred.AccessKey, globalActiveCred.SecretKey); err == nil {
		c.Fatal("AddUser() for root credential must fail via root STS creds")
	}
}

// SetUpLDAP - expects to setup an LDAP test server using the test LDAP

				v.SecretKey = ""
				v.SessionToken = ""
				stsAccounts = append(stsAccounts, v)
			}
		}
	}

	return stsAccounts, nil
}

// AddUser - adds/updates long term user account to storage.
func (store *IAMStoreSys) AddUser(ctx context.Context, accessKey string, ureq madmin.AddOrUpdateUserReq) (updatedAt time.Time, err error) {
	cache := store.lock()
	defer store.unlock()

			IsDeleteReq: false,
			UserReq: &madmin.AddOrUpdateUserReq{
				Status: madmin.AccountStatus(status),
			},
		},
		UpdatedAt: updatedAt,
	}))
}

// AddUser - PUT /minio/admin/v3/add-user?accessKey=<access_key>
func (a adminAPIHandlers) AddUser(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()

	vars := mux.Vars(r)
	accessKey := vars["accessKey"]

	// Get current object layer instance.

		return updatedAt, auth.ErrContainsReservedChars
	}

	if !auth.IsSecretKeyValid(ureq.SecretKey) {
		return updatedAt, auth.ErrInvalidSecretKeyLength
	}

	updatedAt, err = sys.store.AddUser(ctx, accessKey, ureq)
	if err != nil {
		return updatedAt, err
	}

	sys.notifyForUser(ctx, accessKey, false)
	return updatedAt, nil
}

// SetUserSecretKey - sets user secret key