diff --git a/ex401/ex401.3.2/Dockerfile b/ex401/ex401.3.2/Dockerfile
deleted file mode 100644
index 35a2dc9..0000000
--- a/ex401/ex401.3.2/Dockerfile
+++ /dev/null
@@ -1,29 +0,0 @@
-ARG VERSION_TAG
-FROM tier/gte:401.3.1-$VERSION_TAG
-
-LABEL author="tier-packaging@internet2.edu " \
- Vendor="TIER" \
- ImageType="Grouper Training" \
- ImageName=$imagename \
- ImageOS=centos7
-
-ENV USERTOKEN=gte-401.3.2
-
-COPY container_files/seed-data/ /seed-data/
-
-# && setupFiles
-RUN . /usr/local/bin/library.sh \
- && prep_conf && prep_finish; \
- (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
- && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
- (mysqld_safe & ) \
- && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
- cd /opt/grouper/grouperWebapp/WEB-INF \
- && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
- && mysql grouper < /seed-data/sisData.sql \
- && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
- && sudo --preserve-env=PATH -u tomcat bin/gsh.sh /seed-data/bootstrap.gsh \
- && pkill -HUP slapd \
- && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
- pkill -u mysql mysqld \
- && while curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to stop; sleep 1; done
diff --git a/ex401/ex401.3.2/container_files/seed-data/bootstrap.gsh b/ex401/ex401.3.2/container_files/seed-data/bootstrap.gsh
deleted file mode 100644
index 9d09a22..0000000
--- a/ex401/ex401.3.2/container_files/seed-data/bootstrap.gsh
+++ /dev/null
@@ -1,60 +0,0 @@
-gs = GrouperSession.startRootSession();
-
-# SET THESE
-parent_stem_path = "app";
-app_extension = "boardeffect";
-app_name = "";
-
-
-if (!app_name?.trim())
-{
- app_name = app_extension;
-}
-
-def makeStemInheritable(obj, stemName, groupName, priv="admin") {
- baseStem = obj.getStems(stemName)[0];
- aGroup = obj.getGroups(groupName)[0];
- RuleApi.inheritGroupPrivileges(
- SubjectFinder.findRootSubject(),
- baseStem,
- Stem.Scope.SUB,
- aGroup.toSubject(),
- Privilege.getInstances(priv)
- );
- RuleApi.runRulesForOwner(baseStem);
- if(priv == 'admin')
- {
- RuleApi.inheritFolderPrivileges(
- SubjectFinder.findRootSubject(),
- baseStem,
- Stem.Scope.SUB,
- aGroup.toSubject(),
- Privilege.getInstances("stem, create"));
- }
- RuleApi.runRulesForOwner(baseStem);
-}
-
-stem = addStem(parent_stem_path, app_extension, app_name);
-etc_stem = addStem(stem.name, "etc", "etc");
-admin_group_name = "${app_extension}_admins";
-admin_group = addGroup(etc_stem.name, admin_group_name, admin_group_name);
-admin_group.grantPriv(admin_group.toMember().getSubject(), AccessPrivilege.ADMIN);
-mgr_group_name = "${app_extension}_mgr";
-mgr_group = addGroup(etc_stem.name, mgr_group_name, mgr_group_name);
-mgr_group.grantPriv(admin_group.toMember().getSubject(), AccessPrivilege.ADMIN);
-mgr_group.grantPriv(mgr_group.toMember().getSubject(), AccessPrivilege.UPDATE);
-mgr_group.grantPriv(mgr_group.toMember().getSubject(), AccessPrivilege.READ);
-view_group_name = "${app_extension}_viewers";
-view_group = addGroup(etc_stem.name, view_group_name, view_group_name);
-view_group.grantPriv(view_group.toMember().getSubject(), AccessPrivilege.READ);
-view_group.grantPriv(admin_group.toMember().getSubject(), AccessPrivilege.ADMIN);
-view_group.grantPriv(mgr_group.toMember().getSubject(), AccessPrivilege.UPDATE);
-view_group.grantPriv(mgr_group.toMember().getSubject(), AccessPrivilege.READ);
-admin_group.grantPriv(view_group.toMember().getSubject(), AccessPrivilege.READ);
-mgr_group.grantPriv(view_group.toMember().getSubject(), AccessPrivilege.READ);
-# Child objects should also grant perms to these groups.
-makeStemInheritable(this, stem.name, admin_group.name, 'admin');
-makeStemInheritable(this, stem.name, mgr_group.name, 'update');
-makeStemInheritable(this, stem.name, mgr_group.name, 'read');
-makeStemInheritable(this, stem.name, view_group.name, 'read');
-admin_group.revokePriv(mgr_group.toMember().getSubject(), AccessPrivilege.UPDATE);
diff --git a/ex401/ex401.3.2/container_files/seed-data/sisData.sql b/ex401/ex401.3.2/container_files/seed-data/sisData.sql
deleted file mode 100644
index e69de29..0000000
diff --git a/ex401/ex401.3.2/container_files/seed-data/users.ldif b/ex401/ex401.3.2/container_files/seed-data/users.ldif
deleted file mode 100644
index e69de29..0000000
diff --git a/ex401/ex401.3.3/Dockerfile b/ex401/ex401.3.3/Dockerfile
deleted file mode 100644
index 23599b3..0000000
--- a/ex401/ex401.3.3/Dockerfile
+++ /dev/null
@@ -1,29 +0,0 @@
-ARG VERSION_TAG
-FROM tier/gte:401.3.2-$VERSION_TAG
-
-LABEL author="tier-packaging@internet2.edu " \
- Vendor="TIER" \
- ImageType="Grouper Training" \
- ImageName=$imagename \
- ImageOS=centos7
-
-ENV USERTOKEN=gte-401.3.3
-
-COPY container_files/seed-data/ /seed-data/
-
-# && setupFiles
-RUN . /usr/local/bin/library.sh \
- && prep_conf && prep_finish; \
- (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
- && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
- (mysqld_safe & ) \
- && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
- cd /opt/grouper/grouperWebapp/WEB-INF \
- && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
- && mysql grouper < /seed-data/sisData.sql \
- && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
- && sudo --preserve-env=PATH -u tomcat bin/gsh.sh /seed-data/bootstrap.gsh \
- && pkill -HUP slapd \
- && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
- pkill -u mysql mysqld \
- && while curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to stop; sleep 1; done
diff --git a/ex401/ex401.3.3/container_files/seed-data/bootstrap.gsh b/ex401/ex401.3.3/container_files/seed-data/bootstrap.gsh
deleted file mode 100644
index 2d83899..0000000
--- a/ex401/ex401.3.3/container_files/seed-data/bootstrap.gsh
+++ /dev/null
@@ -1,7 +0,0 @@
-gs = GrouperSession.startRootSession();
-
-addGroup("app:boardeffect", "wr_cmt_fin_authorized", "wr_cmt_fin_authorized");
-addGroup("app:boardeffect", "wr_cmt_fin_allow", "wr_cmt_fin_allow");
-addGroup("app:boardeffect", "wr_cmt_fin_deny", "wr_cmt_fin_deny");
-
-addComposite("app:boardeffect:wr_cmt_fin_authorized", CompositeType.COMPLEMENT, "app:boardeffect:wr_cmt_fin_allow", "app:boardeffect:wr_cmt_fin_deny");
diff --git a/ex401/ex401.3.3/container_files/seed-data/sisData.sql b/ex401/ex401.3.3/container_files/seed-data/sisData.sql
deleted file mode 100644
index e69de29..0000000
diff --git a/ex401/ex401.3.3/container_files/seed-data/users.ldif b/ex401/ex401.3.3/container_files/seed-data/users.ldif
deleted file mode 100644
index e69de29..0000000
diff --git a/ex401/ex401.3.4/Dockerfile b/ex401/ex401.3.4/Dockerfile
deleted file mode 100644
index 4e0273a..0000000
--- a/ex401/ex401.3.4/Dockerfile
+++ /dev/null
@@ -1,30 +0,0 @@
-ARG VERSION_TAG
-FROM tier/gte:401.3.3-$VERSION_TAG
-
-LABEL author="tier-packaging@internet2.edu " \
- Vendor="TIER" \
- ImageType="Grouper Training" \
- ImageName=$imagename \
- ImageOS=centos7
-
-ENV USERTOKEN=gte-401.3.4
-
-COPY container_files/seed-data/ /seed-data/
-COPY container_files/attribute-filter.xml /opt/shibboleth-idp/conf/
-
-# && setupFiles
-RUN . /usr/local/bin/library.sh \
- && prep_conf && prep_finish; \
- (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
- && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
- (mysqld_safe & ) \
- && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
- cd /opt/grouper/grouperWebapp/WEB-INF \
- && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
- && mysql grouper < /seed-data/sisData.sql \
- && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
- && sudo --preserve-env=PATH -u tomcat bin/gsh.sh /seed-data/bootstrap.gsh \
- && pkill -HUP slapd \
- && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
- pkill -u mysql mysqld \
- && while curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to stop; sleep 1; done
diff --git a/ex401/ex401.3.4/container_files/attribute-filter.xml b/ex401/ex401.3.4/container_files/attribute-filter.xml deleted file mode 100644 index fbdc7b0..0000000 --- a/ex401/ex401.3.4/container_files/attribute-filter.xml +++ /dev/null @@ -1,79 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/ex401/ex401.3.4/container_files/seed-data/bootstrap.gsh b/ex401/ex401.3.4/container_files/seed-data/bootstrap.gsh deleted file mode 100644 index abce99e..0000000 --- a/ex401/ex401.3.4/container_files/seed-data/bootstrap.gsh +++ /dev/null @@ -1,19 +0,0 @@ -gs = GrouperSession.startRootSession(); - -addGroup("app:boardeffect", "boardeffect_authorized", "boardeffect_authorized"); -addGroup("app:boardeffect", "boardeffect_authorized_allow", "boardeffect_authorized_allow"); -addGroup("app:boardeffect", "boardeffect_authorized_deny", "boardeffect_authorized_deny"); -addComposite("app:boardeffect:boardeffect_authorized", CompositeType.COMPLEMENT, "app:boardeffect:boardeffect_authorized_allow", "app:boardeffect:boardeffect_authorized_deny"); - -addMember("app:boardeffect:boardeffect_authorized_allow", "app:boardeffect:wr_cmt_fin_authorized"); - -//Assign the PSPNG attribute for the standard groups -group = GroupFinder.findByName(gs, "app:boardeffect:boardeffect_authorized"); - -pspngAttribute = AttributeDefNameFinder.findByName("etc:pspng:provision_to", true); -//pspngAttributeDef = AttributeDefFinder.findByName("etc:pspng:provision_to_def", true); -AttributeAssignSave attributeAssignSave = new AttributeAssignSave(gs).assignPrintChangesToSystemOut(true); -attributeAssignSave.assignAttributeDefName(pspngAttribute); -attributeAssignSave.assignOwnerGroup(group); -attributeAssignSave.addValue("pspng_entitlements"); -attributeAssignSave.save(); 
diff --git a/ex401/ex401.3.4/container_files/seed-data/sisData.sql b/ex401/ex401.3.4/container_files/seed-data/sisData.sql
deleted file mode 100644
index e69de29..0000000
diff --git a/ex401/ex401.3.4/container_files/seed-data/users.ldif b/ex401/ex401.3.4/container_files/seed-data/users.ldif
deleted file mode 100644
index e69de29..0000000
diff --git a/ex401/ex401.3.5/Dockerfile b/ex401/ex401.3.5/Dockerfile
deleted file mode 100644
index 728fd4b..0000000
--- a/ex401/ex401.3.5/Dockerfile
+++ /dev/null
@@ -1,29 +0,0 @@
-ARG VERSION_TAG
-FROM tier/gte:401.3.4-$VERSION_TAG
-
-LABEL author="tier-packaging@internet2.edu " \
- Vendor="TIER" \
- ImageType="Grouper Training" \
- ImageName=$imagename \
- ImageOS=centos7
-
-ENV USERTOKEN=gte-401.3.5
-
-COPY container_files/seed-data/ /seed-data/
-
-# && setupFiles
-RUN . /usr/local/bin/library.sh \
- && prep_conf && prep_finish; \
- (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
- && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
- (mysqld_safe & ) \
- && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
- cd /opt/grouper/grouperWebapp/WEB-INF \
- && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
- && mysql grouper < /seed-data/sisData.sql \
- && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
- && sudo --preserve-env=PATH -u tomcat bin/gsh.sh /seed-data/bootstrap.gsh \
- && pkill -HUP slapd \
- && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
- pkill -u mysql mysqld \
- && while curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to stop; sleep 1; done
diff --git a/ex401/ex401.3.5/container_files/seed-data/bootstrap.gsh b/ex401/ex401.3.5/container_files/seed-data/bootstrap.gsh
deleted file mode 100644
index 7d379cf..0000000
--- a/ex401/ex401.3.5/container_files/seed-data/bootstrap.gsh
+++ /dev/null
@@ -1,9 +0,0 @@
-gs = GrouperSession.startRootSession();
-
-addStem("app:boardeffect", "ref", "ref");
-addGroup("app:boardeffect:ref", "cmt_fin", "cmt_fin");
-
-addMember("app:boardeffect:wr_cmt_fin_allow", "app:boardeffect:ref:cmt_fin");
-addMember("app:boardeffect:wr_cmt_fin_deny", "ref:iam:global_deny");
-
-addMember("app:boardeffect:etc:boardeffect_admins", "amartinez410");
diff --git a/ex401/ex401.3.5/container_files/seed-data/sisData.sql b/ex401/ex401.3.5/container_files/seed-data/sisData.sql
deleted file mode 100644
index e69de29..0000000
diff --git a/ex401/ex401.3.5/container_files/seed-data/users.ldif b/ex401/ex401.3.5/container_files/seed-data/users.ldif
deleted file mode 100644
index e69de29..0000000
diff --git a/ex401/ex401.3.6/Dockerfile b/ex401/ex401.3.6/Dockerfile
deleted file mode 100644
index 709144e..0000000
--- a/ex401/ex401.3.6/Dockerfile
+++ /dev/null
@@ -1,29 +0,0 @@
-ARG VERSION_TAG
-FROM tier/gte:401.3.5-$VERSION_TAG
-
-LABEL author="tier-packaging@internet2.edu " \
- Vendor="TIER" \
- ImageType="Grouper Training" \
- ImageName=$imagename \
- ImageOS=centos7
-
-ENV USERTOKEN=gte-401.3.6
-
-COPY container_files/seed-data/ /seed-data/
-
-# && setupFiles
-RUN . /usr/local/bin/library.sh \
- && prep_conf && prep_finish; \
- (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
- && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
- (mysqld_safe & ) \
- && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
- cd /opt/grouper/grouperWebapp/WEB-INF \
- && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
- && mysql grouper < /seed-data/sisData.sql \
- && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
- && sudo --preserve-env=PATH -u tomcat bin/gsh.sh /seed-data/bootstrap.gsh \
- && pkill -HUP slapd \
- && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
- pkill -u mysql mysqld \
- && while curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to stop; sleep 1; done
diff --git a/ex401/ex401.3.6/container_files/seed-data/bootstrap.gsh b/ex401/ex401.3.6/container_files/seed-data/bootstrap.gsh
deleted file mode 100644
index b8b052b..0000000
--- a/ex401/ex401.3.6/container_files/seed-data/bootstrap.gsh
+++ /dev/null
@@ -1,25 +0,0 @@
-gs = GrouperSession.startRootSession();
-
-addGroup("app:boardeffect:ref", "cmt_fin_helpers", "cmt_fin_helpers");
-addMember("app:boardeffect:wr_cmt_fin_allow", "app:boardeffect:ref:cmt_fin_helpers");
-
-
-addGroup("app:boardeffect:ref", "workroom_helpers", "workroom_helpers");
-addMember("app:boardeffect:wr_cmt_fin_allow", "app:boardeffect:ref:workroom_helpers")
-
-# Script parameters
-group_name = "app:boardeffect:ref:workroom_helpers";
-numDays = 32;
-
-actAs = SubjectFinder.findRootSubject();
-vpn_adhoc = getGroups(group_name)[0];
-attribAssign = vpn_adhoc.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
-attribValueDelegate = attribAssign.getAttributeValueDelegate();
-attribValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), actAs.getSourceId());
-attribValueDelegate.assignValue(RuleUtils.ruleRunDaemonName(), "F");
-attribValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), actAs.getId());
-attribValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.membershipAdd.name());
-attribValueDelegate.assignValue(RuleUtils.ruleIfConditionEnumName(), RuleIfConditionEnum.thisGroupHasImmediateEnabledNoEndDateMembership.name());
-attribValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.assignMembershipDisabledDaysForOwnerGroupId.name());
-attribValueDelegate.assignValue(RuleUtils.ruleThenEnumArg0Name(), numDays.toString());
-attribValueDelegate.assignValue(RuleUtils.ruleThenEnumArg1Name(), "T");
diff --git a/ex401/ex401.3.6/container_files/seed-data/sisData.sql b/ex401/ex401.3.6/container_files/seed-data/sisData.sql
deleted file mode 100644
index e69de29..0000000
diff --git a/ex401/ex401.3.6/container_files/seed-data/users.ldif b/ex401/ex401.3.6/container_files/seed-data/users.ldif
deleted file mode 100644
index e69de29..0000000
diff --git a/ex401/ex401.3.7/Dockerfile b/ex401/ex401.3.7/Dockerfile
deleted file mode 100644
index 48bdf76..0000000
--- a/ex401/ex401.3.7/Dockerfile
+++ /dev/null
@@ -1,29 +0,0 @@
-ARG VERSION_TAG
-FROM tier/gte:401.3.6-$VERSION_TAG
-
-LABEL author="tier-packaging@internet2.edu " \
- Vendor="TIER" \
- ImageType="Grouper Training" \
- ImageName=$imagename \
- ImageOS=centos7
-
-ENV USERTOKEN=gte-401.3.7
-
-COPY container_files/seed-data/ /seed-data/
-
-# && setupFiles
-RUN . /usr/local/bin/library.sh \
- && prep_conf && prep_finish; \
- (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
- && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
- (mysqld_safe & ) \
- && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
- cd /opt/grouper/grouperWebapp/WEB-INF \
- && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
- && mysql grouper < /seed-data/sisData.sql \
- && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
- && sudo --preserve-env=PATH -u tomcat bin/gsh.sh /seed-data/bootstrap.gsh \
- && pkill -HUP slapd \
- && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
- pkill -u mysql mysqld \
- && while curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to stop; sleep 1; done
diff --git a/ex401/ex401.3.7/container_files/seed-data/bootstrap.gsh b/ex401/ex401.3.7/container_files/seed-data/bootstrap.gsh
deleted file mode 100644
index 9f92fba..0000000
--- a/ex401/ex401.3.7/container_files/seed-data/bootstrap.gsh
+++ /dev/null
@@ -1,10 +0,0 @@
-gs = GrouperSession.startRootSession();
-
-
-addStem("ref", "roles", "roles");
-addGroup("ref:roles", "president_assistant", "president_assistant");
-
-addMember("app:boardeffect:etc:boardeffect_mgr", "ref:roles:president_assistant")
-
-addMember("ref:roles:president_assistant", "amartinez410");
-delMember("app:boardeffect:etc:boardeffect_admins", "amartinez410");
\ No newline at end of file
diff --git a/ex401/ex401.3.7/container_files/seed-data/sisData.sql b/ex401/ex401.3.7/container_files/seed-data/sisData.sql
deleted file mode 100644
index e69de29..0000000
diff --git a/ex401/ex401.3.7/container_files/seed-data/users.ldif b/ex401/ex401.3.7/container_files/seed-data/users.ldif
deleted file mode 100644
index e69de29..0000000
diff --git a/ex401/ex401.3.end/container_files/seed-data/bootstrap.gsh b/ex401/ex401.3.end/container_files/seed-data/bootstrap.gsh
index 2a2969b..7ae1c1c 100644
--- a/ex401/ex401.3.end/container_files/seed-data/bootstrap.gsh
+++ b/ex401/ex401.3.end/container_files/seed-data/bootstrap.gsh
@@ -20,7 +20,7 @@ mgr_group = addGroup(security.name, mgr_group_name, mgr_group_name);
 view_group_name = "${app_extension}Readers";
 view_group = addGroup(security.name, view_group_name, view_group_name);
-addGroup("app:board_effect:service:policy", "board_effect_access", "board_effect_access");
+access_policy_group = addGroup("app:board_effect:service:policy", "board_effect_access", "board_effect_access");
 addGroup("app:board_effect:service:policy", "board_effect_access_allow", "board_effect_access_allow");
 addGroup("app:board_effect:service:policy", "board_effect_access_deny", "board_effect_access_deny");
 addComposite("app:board_effect:service:policy:board_effect_access", CompositeType.COMPLEMENT, "app:board_effect:service:policy:board_effect_access_allow", "app:board_effect:service:policy:board_effect_access_deny");
@@ -31,6 +31,18 @@ addGroup("app:board_effect:service:policy", "workroom_finance_allow", "workroom_
 addGroup("app:board_effect:service:policy", "workroom_finance_deny", "workroom_finance_deny");
 addComposite("app:board_effect:service:policy:workroom_finance", CompositeType.COMPLEMENT, "app:board_effect:service:policy:workroom_finance_allow", "app:board_effect:service:policy:workroom_finance_deny");
 addMember("app:board_effect:service:policy:board_effect_access_allow", "app:board_effect:service:policy:workroom_finance");
+addMember("app:board_effect:service:policy:workroom_finance_allow", "bthompson392");
+
+
+// Assign PSPNG `provision_to` attribute to `https://college.boardeffect.com/` with a value of `pspng_entitlements`.
+edu.internet2.middleware.grouper.pspng.FullSyncProvisionerFactory.getFullSyncer("pspng_entitlements");
+pspngAttribute = AttributeDefNameFinder.findByName("etc:pspng:provision_to", true);
+AttributeAssignSave attributeAssignSave = new AttributeAssignSave(gs).assignPrintChangesToSystemOut(true);
+attributeAssignSave.assignAttributeDefName(pspngAttribute);
+attributeAssignSave.assignOwnerGroup(access_policy_group);
+attributeAssignSave.addValue("pspng_entitlements");
+attributeAssignSave.save();
+
 // 401.3.3 nothing to do
 // 401.3.4 nothing to do
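Review bot: The added `addMember("app:board_effect:service:policy:workroom_finance_allow", "bthompson392");` puts a single subject directly into an allow group, and per the context lines that membership flows through `workroom_finance` into `board_effect_access_allow` and so into `board_effect_access`, the group this hunk marks for PSPNG provisioning. If the direct grant is a deliberate exception for the exercise, say so above the line, e.g. `// direct exception for the exercise; access normally comes from a reference group`; otherwise make the subject a member of a reference group that sits in the allow group. The comment on the PSPNG block names `https://college.boardeffect.com/` as the target while `assignOwnerGroup` receives `access_policy_group`, so it should name the group. The return value of `FullSyncProvisionerFactory.getFullSyncer("pspng_entitlements")` is discarded; a short comment on why the call is needed would help the next reader.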
@@ -66,14 +78,17 @@ attribValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.assig
 attribValueDelegate.assignValue(RuleUtils.ruleThenEnumArg0Name(), numDays.toString());
 attribValueDelegate.assignValue(RuleUtils.ruleThenEnumArg1Name(), "T");
-// 401.3.7
+// 401.3.7 (slides removed)
+/*
 addStem("ref", "role", "role");
 addGroup("ref:role", "president_assistant", "president_assistant");
 addMember("ref:role:president_assistant", "amartinez410");
 addMember("app:board_effect:security:board_effectUpdaters", "ref:role:president_assistant");
 delMember("app:board_effect:security:board_effectAdmins", "amartinez410");
+*/
-// 401.3.8
+// 401.3.8 (slides removed)
+/*
 addStem("ref", "board", "board");
 group = GroupFinder.findByName(gs, "app:board_effect:service:ref:finance_committee", true);
 stem = StemFinder.findByName(gs, "ref:board", true);
@@ -91,4 +106,5 @@ boardeffectUpdaters = GroupFinder.findByName(gs, "app:board_effect:security:boar
 revokePriv("ref:board:finance_committee", boardeffectAdmins.toSubject().id, AccessPrivilege.ADMIN);
 revokePriv("ref:board:finance_committee", boardeffectUpdaters.toSubject().id, AccessPrivilege.UPDATE);
 revokePriv("ref:board:finance_committee", boardeffectUpdaters.toSubject().id, AccessPrivilege.READ);
+*/
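Review bot: Commenting out the 401.3.7 block also disables `delMember("app:board_effect:security:board_effectAdmins", "amartinez410");`, so if a step outside this hunk still adds that subject to `board_effectAdmins`, the seeded end state now keeps a direct admin membership the script used to remove. Please check the earlier steps and either drop that add or keep the `delMember` active. As a style point, deleting the 401.3.7 and 401.3.8 statements would be cleaner than leaving them as dead code, given that the ex401.3.7 directory is deleted in this same commit. The 401.3.8 comment opened here is closed only by the `+*/` in the final hunk (`@@ -91,4 +106,5 @@`), and the lines between the two hunks are not visible, so confirm none of them contains `*/`.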