diff --git a/lib/src/clixon_validate_minmax.c b/lib/src/clixon_validate_minmax.c
index f67af7fd..f4167547 100644
--- a/lib/src/clixon_validate_minmax.c
+++ b/lib/src/clixon_validate_minmax.c
@@ -553,6 +553,7 @@ xml_yang_minmax_new_leaf_list(cxobj     *x0,
     cxobj     *xj;
     char      *bi;
     char      *bj;
+    cvec      *cvv = NULL;
 
     xi = x0;
     do {
@@ -564,7 +565,12 @@ xml_yang_minmax_new_leaf_list(cxobj     *x0,
             if ((bj = xml_body(xj)) == NULL)
                 continue;
             if (bi && bj && strcmp(bi, bj) == 0){
-                if (xret && netconf_data_not_unique_xml(xret, xi, NULL) < 0)
+                if ((cvv = cvec_new(0)) == NULL){
+                    clixon_err(OE_UNIX, errno, "cvec_new");
+                    goto done;
+                }
+                cvec_add_string(cvv, "name", bi);
+                if (xret && netconf_data_not_unique_xml(xret, xi, cvv) < 0)
                     goto done;
                 goto fail;
             }
@@ -574,6 +580,8 @@ xml_yang_minmax_new_leaf_list(cxobj     *x0,
            xml_spec(xi) == y0);
     retval = 1;
  done:
+    if (cvv)
+        cvec_free(cvv);
     return retval;
  fail:
     retval = 0;
diff --git a/test/nacm.sh b/test/nacm.sh
index bb3c11f1..46f5aada 100755
--- a/test/nacm.sh
+++ b/test/nacm.sh
@@ -2,7 +2,9 @@
 # Authentication and authorization and IETF NACM
 # Library variable and functions
 
-USER=$(whoami)
+if [ $(whoami) != root ]; then
+    EXTRAUSER="<user-name>$(whoami)</user-name>"
+fi
 
 # Three groups from RFC8341 A.1 (admin extended with $USER)
 NGROUPS=$(cat <<EOF
@@ -12,7 +14,7 @@ NGROUPS=$(cat <<EOF
          <user-name>root</user-name>
          <user-name>admin</user-name>
          <user-name>andy</user-name>
-         <user-name>$USER</user-name>
+         $EXTRAUSER
        </group>
        <group>
          <name>limited</name>
diff --git a/test/test_nacm_credentials.sh b/test/test_nacm_credentials.sh
index 00cb48ea..d740f174 100755
--- a/test/test_nacm_credentials.sh
+++ b/test/test_nacm_credentials.sh
@@ -18,6 +18,8 @@ APPNAME=example
 cfg=$dir/conf_yang.xml
 fyang=$dir/nacm-example.yang
 
+NACMUSER=$(whoami)
+
 cat <<EOF > $fyang
 module nacm-example{
   yang-version 1.1;
@@ -182,13 +184,13 @@ testrun except "" UNIX $dir/backend.sock "$OK" ""
 
 # UNIX socket, myuser, loop mode. All should work
 new "Credentials: mode=none, fam=UNIX user=me"
-testrun none "$USER" UNIX $dir/backend.sock "$OK" ""
+testrun none "$NACMUSER" UNIX $dir/backend.sock "$OK" ""
 
 new "Credentials: mode=exact, fam=UNIX user=me"
-testrun exact "$USER" UNIX $dir/backend.sock "$OK" ""
+testrun exact "$NACMUSER" UNIX $dir/backend.sock "$OK" ""
 
 new "Credentials: mode=except, fam=UNIX user=me"
-testrun except "$USER" UNIX $dir/backend.sock "$OK" ""
+testrun except "$NACMUSER" UNIX $dir/backend.sock "$OK" ""
 
 # UNIX socket, admin user. First should work
 new "Credentials: mode=none, fam=UNIX user=admin"
@@ -212,15 +214,17 @@ testrun except admin UNIX $dir/backend.sock "$OK" sudo
 
 # IPv4 socket, admin user. First should work
 new "Credentials: mode=none, fam=UNIX user=admin sudo"
-testrun none $USER IPv4 127.0.0.1 "$OK" ""
+testrun none $NACMUSER IPv4 127.0.0.1 "$OK" ""
 
 new "Credentials: mode=exact, fam=UNIX user=admin sudo"
-testrun exact $USER IPv4 127.0.0.1 "$ERROR" ""
+testrun exact $NACMUSER IPv4 127.0.0.1 "$ERROR" ""
 
 new "Credentials: mode=except, fam=UNIX user=admin sudo"
-testrun except $USER IPv4 127.0.0.1 "$ERROR" ""
+testrun except $NACMUSER IPv4 127.0.0.1 "$ERROR" ""
 
 rm -rf $dir
 
+unset NACMUSER
+
 new "endtest"
 endtest
diff --git a/test/test_nacm_recovery.sh b/test/test_nacm_recovery.sh
index 74e7f56a..a55bed49 100755
--- a/test/test_nacm_recovery.sh
+++ b/test/test_nacm_recovery.sh
@@ -18,6 +18,8 @@ APPNAME=example
 cfg=$dir/conf_yang.xml
 fyang=$dir/nacm-example.yang
 
+NACMUSER=$(whoami)
+
 # cred:none, exact, except
 
 # Define default restconfig config: RESTCONFIG
@@ -147,20 +149,20 @@ EOF
 }
 
 #------- CRED: except USER: non-root
-if [ "$USER" != root ]; then # Skip if USER is root
+if [ "$NACMUSER" != root ]; then # Skip if USER is root
 # This is default, therefore first
 CRED=except 
-REALUSER=$USER
+REALUSER=$NACMUSER
 
 # Recovery as a seperate user does not work
-PSEUDO=$USER
+PSEUDO=$NACMUSER
 RECOVERY=_recovery
 new "cred: $CRED realuser:$REALUSER pseudo:$PSEUDO recovery:$RECOVERY"
 testrun $CRED $REALUSER $PSEUDO $RECOVERY true false
 
 # Recovery as actual user works
-PSEUDO=$USER
-RECOVERY=$USER
+PSEUDO=$NACMUSER
+RECOVERY=$NACMUSER
 new "cred: $CRED realuser:$REALUSER pseudo:$PSEUDO recovery:$RECOVERY"
 testrun $CRED $REALUSER $PSEUDO $RECOVERY true true
 
@@ -171,13 +173,13 @@ new "cred: $CRED realuser:$REALUSER pseudo:$PSEUDO recovery:$RECOVERY"
 testrun $CRED $REALUSER $PSEUDO $RECOVERY false false
 
 PSEUDO=_recovery
-RECOVERY=$USER
+RECOVERY=$NACMUSER
 new "cred: $CRED realuser:$REALUSER pseudo:$PSEUDO recovery:$RECOVERY"
 testrun $CRED $REALUSER $PSEUDO $RECOVERY false false
 
-fi # skip is USER is root
+fi # skip is NACMUSER is root
 
-#------- CRED: except USER: root
+#------- CRED: except NACMUSER: root
 CRED=except 
 REALUSER=root 
 
@@ -207,7 +209,7 @@ testrun $CRED $REALUSER $PSEUDO $RECOVERY true false
 #------- CRED: none
 # Check you can use any pseudo user if cred is none
 CRED=none
-REALUSER=$USER
+REALUSER=$NACMUSER
 PSEUDO=_recovery
 RECOVERY=_recovery
 new "cred: $CRED realuser:$REALUSER pseudo:$PSEUDO recovery:$RECOVERY"
@@ -225,4 +227,6 @@ testrun $CRED $REALUSER $PSEUDO $RECOVERY false false
 new "endtest"
 endtest
 
+unset NACMUSER
+
 rm -rf $dir
diff --git a/test/test_netconf_duplicate.sh b/test/test_netconf_duplicate.sh
index c786e56d..b7070048 100755
--- a/test/test_netconf_duplicate.sh
+++ b/test/test_netconf_duplicate.sh
@@ -66,7 +66,6 @@ fi
 new "wait backend"
 wait_backend
 
-if false; then
 new "Add list with duplicate"
 expecteof_netconf "$clixon_netconf -qf $cfg" 0 "$DEFAULTHELLO" "<rpc $DEFAULTNS><edit-config><target><candidate/></target><default-operation>replace</default-operation><config><c xmlns=\"urn:example:clixon\">
      <server>
@@ -78,14 +77,13 @@ expecteof_netconf "$clixon_netconf -qf $cfg" 0 "$DEFAULTHELLO" "<rpc $DEFAULTNS>
        <value>foo</value>
      </server>
 </c></config></edit-config></rpc>" "" "<rpc-reply $DEFAULTNS><rpc-error><error-type>application</error-type><error-tag>operation-failed</error-tag><error-app-tag>data-not-unique</error-app-tag><error-severity>error</error-severity><error-info><non-unique xmlns=\"urn:ietf:params:xml:ns:yang:1\">/rpc/edit-config/config/c/server[name=\"one\"]/name</non-unique></error-info></rpc-error></rpc-reply>"
-fi
 
 new "Add leaf-list with duplicate"
 expecteof_netconf "$clixon_netconf -qf $cfg" 0 "$DEFAULTHELLO" "<rpc $DEFAULTNS><edit-config><target><candidate/></target><default-operation>replace</default-operation><config><c xmlns=\"urn:example:clixon\">
        <b>one</b>
        <b>two</b>
        <b>one</b>
-</c></config></edit-config></rpc>" "" "<rpc-reply $DEFAULTNS><rpc-error><error-type>application</error-type><error-tag>operation-failed</error-tag><error-app-tag>data-not-unique</error-app-tag><error-severity>error</error-severity></rpc-error></rpc-reply>"
+</c></config></edit-config></rpc>" "" "<rpc-reply $DEFAULTNS><rpc-error><error-type>application</error-type><error-tag>operation-failed</error-tag><error-app-tag>data-not-unique</error-app-tag><error-severity>error</error-severity><error-info><non-unique xmlns=\"urn:ietf:params:xml:ns:yang:1\">/rpc/edit-config/config/c/b[.=\"one\"]/one</non-unique></error-info></rpc-error></rpc-reply>"
 
 if [ $BE -ne 0 ]; then
     new "Kill backend"
diff --git a/test/test_restconf_basic_auth.sh b/test/test_restconf_basic_auth.sh
index bbc9135d..0bce377b 100755
--- a/test/test_restconf_basic_auth.sh
+++ b/test/test_restconf_basic_auth.sh
@@ -101,7 +101,7 @@ cat <<EOF > $dir/startup_db
        <group>
          <name>admin</name>
          <user-name>root</user-name>
-         <user-name>$USER</user-name>
+         $EXTRAUSER
        </group>
      </groups>
      <rule-list>