* target server where keys are SIDs representing an account and each value
     * is an ArrayList of SIDs represents the local groups that the account is
     * a member of.
     * <p/>
     * This method is designed to assist with computing access control for a
     * given user when the target object's ACL has local groups. Local groups

import java.util.List;

/**
 * Tester for {@link Equivalence} relationships between groups of objects.
 *
 * <p>To use, create a new {@link EquivalenceTester} and add equivalence groups where each group
 * contains objects that are supposed to be equal to each other. Objects of different groups are
 * expected to be unequal. For example:
 *
 * <pre>{@code
 * EquivalenceTester.of(someStringEquivalence)

import java.util.List;

/**
 * Tester for {@link Equivalence} relationships between groups of objects.
 *
 * <p>To use, create a new {@link EquivalenceTester} and add equivalence groups where each group
 * contains objects that are supposed to be equal to each other. Objects of different groups are
 * expected to be unequal. For example:
 *
 * <pre>{@code
 * EquivalenceTester.of(someStringEquivalence)

						return
					}
				}
				if _, gerr := globalIAMSys.AddUsersToGroup(ctx, group, grpInfo.Members); gerr != nil {
					failed.Groups = append(failed.Groups, madmin.IAMErrEntity{Name: group, Error: err})
				} else {
					added.Groups = append(added.Groups, group)
				}
			}
		}
	}

	// import service accounts
	{

                                <div class="form-group row">
                                    <label for="groups" class="col-sm-3 text-sm-right col-form-label"><la:message
                                            key="labels.groups"/></label>
                                    <div class="col-sm-9">
                                        <la:errors property="groups"/>

  }

  // Check for too few groups. We wanted exactly four.
  return b == addressOffset + 4
}

/** Encodes an IPv6 address in canonical form according to RFC 5952. */
internal fun inet6AddressToAscii(address: ByteArray): String {
  // Go through the address looking for the longest run of 0s. Each group is 2-bytes.
  // A run must be longer than one group (section 4.2.2).

  // User is the user you're testing for.
  // If you specify "User" but not "Group", then is it interpreted as "What if User were not a member of any groups
  // +optional
  optional string user = 3;

  // Groups is the groups you're testing for.
  // +optional
  repeated string group = 4;

	}

	// Bind to the lookup user account again to perform group search.
	if err = l.LDAP.LookupBind(conn); err != nil {
		return nil, nil, err
	}

	// User groups lookup.
	groups, err := l.LDAP.SearchForUserGroups(conn, username, lookupResult.ActualDN)
	if err != nil {
		return nil, nil, err
	}

	return lookupResult, groups, nil
}

// GetExpiryDuration - return parsed expiry duration.

                    ArrayList groups = (ArrayList)map.get(mems[mi]);
                    if (groups == null) {
                        groups = new ArrayList();
                        map.put(mems[mi], groups);
                    }
                    if (!groups.contains(groupSid))
                        groups.add(groupSid);
                }
            }

            }
            this.groupSid = new SID(domainId, groupId);

            // Compute Group IDs with Domain ID to get Group SIDs
            this.groupSids = new SID[groups.length];
            for ( int i = 0; i < groups.length; i++ ) {
                this.groupSids[ i ] = new SID(domainId, groups[ i ].getId());
            }
        }
        catch ( IOException e ) {