@Override
            public int getErrorCode() {
                return DcerpcError.DCERPC_FAULT_OP_RNG_ERROR;
            }
        }).when(mockHandle).sendrecv(any(MsrpcSamrConnect4.class));
        // Subsequent call for MsrpcSamrConnect2 should succeed
        doNothing().when(mockHandle).sendrecv(any(MsrpcSamrConnect2.class));

        try (SamrPolicyHandle handle = new SamrPolicyHandle(mockHandle, server, access)) {

By default, the temporary security credentials created by AssumeRoleWithClientGrants last for one hour. However, use the optional DurationSeconds parameter to specify the duration of the credentials. This value varies from 900 seconds (15 minutes) up to the maximum session duration of 365 days.

## API Request Parameters

### Token

/*
 * Copyright (C) 2014 The Guava Authors
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 * in compliance with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed under the License

         *
         * 2a. If the resolved types are identical to the original types, then we can return the
         * original, identical JDK TypeVariable. By doing so, we sidestep the problem entirely.
         *
         * 2b. If the resolved types are different from the original types, things are trickier. The
         * only way to get a TypeVariable instance for the resolved types is to create our own. The

      <version>1.0.0</version>
      <description><![CDATA[
        This is the file specification used to activate a profile. The missing value will be a the location
        of a file that needs to exist, and if it doesn't the profile must run.  On the other hand exists will test
        for the existence of the file and if it is there will run the profile.
      ]]></description>
      <fields>
        <field>

 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

/*
 * Copyright 2012-2025 CodeLibs Project and the Others.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,

    }
  }

  /**
   * Stores the contents of a multimap in an output stream, as part of serialization. It does not
   * support concurrent multimaps whose content may change while the method is running. The {@link
   * Multimap#asMap} view determines the ordering in which data is written to the stream.
   *
   * <p>The serialized output consists of the number of distinct keys, and then for each distinct

/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *

		return
	}

	// We set the expiry of the temp. credentials to the minimum of the
	// configured expiry and the duration until the certificate itself
	// expires.
	// We must not issue credentials that out-live the certificate.
	if validUntil := time.Until(certificate.NotAfter); validUntil < expiry {
		expiry = validUntil
	}

	// Associate any service accounts to the certificate CN