diff --git a/scripts/automation/Radius/Functions/Private/CertDeployment/Get-CertInfo.ps1 b/scripts/automation/Radius/Functions/Private/CertDeployment/Get-CertInfo.ps1
index 1745050ae..9f74d5677 100644
--- a/scripts/automation/Radius/Functions/Private/CertDeployment/Get-CertInfo.ps1
+++ b/scripts/automation/Radius/Functions/Private/CertDeployment/Get-CertInfo.ps1
@@ -23,10 +23,17 @@ function Get-CertInfo {
         if ($UserCerts) {
             # Find all userCert paths
             if ($username) {
-                $foundCerts = Resolve-Path -Path "$JCScriptRoot/UserCerts/$username-*.crt" -ErrorAction SilentlyContinue
+                $foundCerts = Resolve-Path -Path "$JCScriptRoot/UserCerts/$username-$($Global:JCR_CERT_TYPE)*.crt" -ErrorAction SilentlyContinue
 
             } else {
-                $foundCerts = Resolve-Path -Path "$JCScriptRoot/UserCerts/*.crt" -ErrorAction SilentlyContinue
+                $foundCerts = New-Object System.Collections.ArrayList
+                $global:JCRRadiusMembers.username | ForEach-Object {
+                    $foundCert = Resolve-Path -Path "$JCScriptRoot/UserCerts/$_-$($Global:JCR_CERT_TYPE)*.crt" -ErrorAction SilentlyContinue
+                    if ($foundCert) {
+                        $foundCerts.Add($foundCert) | Out-Null
+                    }
+
+                }
             }
         }
 
diff --git a/scripts/automation/Radius/Functions/Private/HashFunctions/Test-UserFromHash.ps1 b/scripts/automation/Radius/Functions/Private/HashFunctions/Test-UserFromHash.ps1
index 6e03676cc..71dfe5a20 100644
--- a/scripts/automation/Radius/Functions/Private/HashFunctions/Test-UserFromHash.ps1
+++ b/scripts/automation/Radius/Functions/Private/HashFunctions/Test-UserFromHash.ps1
@@ -37,7 +37,7 @@ function Test-UserFromHash {
                 # Get the UserID from the keys
                 $matchedUserID = $Global:JCRUsers.keys | Select-Object -Index $matchedIndex
                 # validate that the userID is in the radiusMembership hash:
-                if ($matchedIndex) {
+                if ($matchedUserID) {
                     # finally return the $matchedUser object
                     $matchedUser = $Global:JCRUsers[$matchedUserID]
                 } else {
diff --git a/scripts/automation/Radius/Tests/Public/Get-JCRGlobalVars.Tests.ps1 b/scripts/automation/Radius/Tests/Public/Get-JCRGlobalVars.Tests.ps1
index 13b3186d3..1a9ae9412 100644
--- a/scripts/automation/Radius/Tests/Public/Get-JCRGlobalVars.Tests.ps1
+++ b/scripts/automation/Radius/Tests/Public/Get-JCRGlobalVars.Tests.ps1
@@ -196,4 +196,46 @@ Describe "Get Global Variable Data Tests" -Tag "Cache" {
         }
 
     }
+    Context "Tests that the RadiusMembers.json file is updated when users are added or removed from the user group" {
+        BeforeAll {
+            # create a new user
+            $user = New-RandomUser -Domain "pesterRadius" | New-JCUser
+        }
+        It "when a user is added to the group, they should be added to the RadiusMembers.json & users.json file" {
+            # get the RadiusMembers.json before
+            # get the user.json file before
+            # add a user to the radius Group
+            Add-JCUserGroupMember -GroupID $Global:JCR_USER_GROUP -UserID $user.id
+            Start-Sleep 1
+            # update the cache forcefully
+            Get-JCRGlobalVars -force -skipAssociation -associateManually
+            Start-Sleep 1
+            # the new user should be in the membership list
+            $global:JCRRadiusMembers.username | Should -Contain $user.username
+
+            # the new user should be in user.json list
+            $userData = Get-UserJsonData
+            $userData.username | Should -Contain $user.username
+
+
+
+
+        }
+        It "when a user is removed from the group, they should be removed to the RadiusMembers.json & users.json file" {
+            # get the RadiusMembers.json before
+            # get the user.json file before
+            # add a user to the radius Group
+            Remove-JCUserGroupMember -GroupID $Global:JCR_USER_GROUP -UserID $user.id
+            Start-Sleep 1
+            # update the cache forcefully
+            Get-JCRGlobalVars -force -skipAssociation -associateManually
+            Start-Sleep 1
+            # the new user should be in the membership list
+            $global:JCRRadiusMembers.username | Should -Not -Contain $user.username
+
+            # the new user should be in user.json list
+            $userData = Get-UserJsonData
+            $userData.username | Should -Not -Contain $user.username
+        }
+    }
 }
diff --git a/scripts/automation/Radius/Tests/Public/Start-GenerateRootCert.Tests.ps1 b/scripts/automation/Radius/Tests/Public/Start-GenerateRootCert.Tests.ps1
index 1833e9af6..216fac77c 100644
--- a/scripts/automation/Radius/Tests/Public/Start-GenerateRootCert.Tests.ps1
+++ b/scripts/automation/Radius/Tests/Public/Start-GenerateRootCert.Tests.ps1
@@ -1,25 +1,16 @@
 Describe "Generate Root Certificate Tests" -Tag "GenerateRootCert" {
+    BeforeEach {
+        # If the /Cert/ folder is not empty, clear the directory
+        $items = Get-ChildItem "$JCScriptRoot/Cert"
+        if ($items) {
+            foreach ($item in $items) {
+                # If the item is the 'backup' folder, process its contents separately
+                Remove-Item -Path $item.FullName -Recurse -Force -Confirm:$false
+            }
+        }
+    }
     Context "A new certificate can be generated" {
         It 'Generates a new root certificate' {
-            # If the /Cert/ folder is not empty, clear the directory
-            $items = Get-ChildItem "$JCScriptRoot/Cert"
-            if ($items) {
-                foreach ($item in $items) {
-                    # If the item is the 'backup' folder, process its contents separately
-                    if ($item.Name -eq 'Backups') {
-                        $backupItems = Get-ChildItem $item.FullName
-                        foreach ($backupItem in $backupItems) {
-                            Write-Host "Removing $($backupItem.FullName)"
-                            Remove-Item -Path $backupItem.FullName -Force
-                        }
-                    }
-                    # Otherwise, remove the item directly (outside of the 'backup' folder)
-                    elseif ($item.PSIsContainer -eq $false) {
-                        Write-Host "Removing $($item.FullName)"
-                        Remove-Item -Path $item.FullName -Force
-                    }
-                }
-            }
             Start-GenerateRootCert -certKeyPassword "testCertificate123!@#" -generateType "new" -force
 
             # both the key and the cert should be generated
@@ -43,26 +34,6 @@ Describe "Generate Root Certificate Tests" -Tag "GenerateRootCert" {
 
     Context "Overwrite an existing root certificate when creating a new one" {
         It 'Generates a new root certificate when there is an existing one' {
-            # If the /Cert/ folder is not empty, clear the directory
-            $items = Get-ChildItem "$JCScriptRoot/Cert"
-            if ($items) {
-                foreach ($item in $items) {
-                    # If the item is the 'backup' folder, process its contents separately
-                    if ($item.Name -eq 'Backups') {
-                        $backupItems = Get-ChildItem $item.FullName
-                        foreach ($backupItem in $backupItems) {
-                            Write-Host "Removing $($backupItem.FullName)"
-                            Remove-Item -Path $backupItem.FullName -Force
-                        }
-                    }
-                    # Otherwise, remove the item directly (outside of the 'backup' folder)
-                    elseif ($item.PSIsContainer -eq $false) {
-                        Write-Host "Removing $($item.FullName)"
-                        Remove-Item -Path $item.FullName -Force
-                    }
-                }
-            }
-
             # Create a new root certificate
             Start-GenerateRootCert -certKeyPassword "testCertificate123!@#" -generateType "New" -force
             # get existing cert serial:
@@ -97,25 +68,6 @@ Describe "Generate Root Certificate Tests" -Tag "GenerateRootCert" {
 
     Context "An existing certificate can be replaced" {
         It 'Replaces a root certificate' {
-            # If the /Cert/ folder is not empty, clear the directory
-            $items = Get-ChildItem "$JCScriptRoot/Cert"
-            if ($items) {
-                foreach ($item in $items) {
-                    # If the item is the 'backup' folder, process its contents separately
-                    if ($item.Name -eq 'Backups') {
-                        $backupItems = Get-ChildItem $item.FullName
-                        foreach ($backupItem in $backupItems) {
-                            Write-Host "Removing $($backupItem.FullName)"
-                            Remove-Item -Path $backupItem.FullName -Force
-                        }
-                    }
-                    # Otherwise, remove the item directly (outside of the 'backup' folder)
-                    elseif ($item.PSIsContainer -eq $false) {
-                        Write-Host "Removing $($item.FullName)"
-                        Remove-Item -Path $item.FullName -Force
-                    }
-                }
-            }
             # Create a new root certificate
             Start-GenerateRootCert -certKeyPassword "testCertificate123!@#" -generateType "new" -force
             # get existing cert serial:
@@ -150,25 +102,6 @@ Describe "Generate Root Certificate Tests" -Tag "GenerateRootCert" {
     }
     Context "An existing certificate can be renewed" {
         It 'Renews a root certificate' {
-            # If the /Cert/ folder is not empty, clear the directory
-            $items = Get-ChildItem "$JCScriptRoot/Cert"
-            if ($items) {
-                foreach ($item in $items) {
-                    # If the item is the 'backup' folder, process its contents separately
-                    if ($item.Name -eq 'Backups') {
-                        $backupItems = Get-ChildItem $item.FullName
-                        foreach ($backupItem in $backupItems) {
-                            Write-Host "Removing $($backupItem.FullName)"
-                            Remove-Item -Path $backupItem.FullName -Force
-                        }
-                    }
-                    # Otherwise, remove the item directly (outside of the 'backup' folder)
-                    elseif ($item.PSIsContainer -eq $false) {
-                        Write-Host "Removing $($item.FullName)"
-                        Remove-Item -Path $item.FullName -Force
-                    }
-                }
-            }
             # Generate new CA
             Start-GenerateRootCert -certKeyPassword "testCertificate123!@#" -generateType "new" -force
             # get existing cert serial:
diff --git a/scripts/automation/Radius/Tests/Public/Start-GenerateUserCerts.Tests.ps1 b/scripts/automation/Radius/Tests/Public/Start-GenerateUserCerts.Tests.ps1
index 3f9454068..66b7c717c 100644
--- a/scripts/automation/Radius/Tests/Public/Start-GenerateUserCerts.Tests.ps1
+++ b/scripts/automation/Radius/Tests/Public/Start-GenerateUserCerts.Tests.ps1
@@ -46,13 +46,14 @@ Describe 'Generate User Cert Tests' -Tag "GenerateUserCerts" {
             # Get the certs before
             $certsBefore = Get-ChildItem -Path "$JCScriptRoot/UserCerts"
             # wait one moment
-            Start-Sleep 2
+            Start-Sleep 1
             # update the cache
             Get-JCRGlobalVars -force -skipAssociation -associateManually
             # wait just one moment before testing membership since we are writing a file
             Start-Sleep 1
             # the new user should be in the membership list:
             $global:JCRRadiusMembers.username | Should -Contain $user.username
+            $Global:JCRUsers.keys | should -Contain $user.id
             # Generate the user cert:
             Start-GenerateUserCerts -type ByUsername -username $($user.username) -forceReplaceCerts
             # Get the certs after
@@ -170,13 +171,14 @@ Describe 'Generate User Cert Tests' -Tag "GenerateUserCerts" {
             # Get the certs before
             $certsBefore = Get-ChildItem -Path "$JCScriptRoot/UserCerts"
             # wait one moment
-            Start-Sleep 2
+            Start-Sleep 1
             # update the cache
             Get-JCRGlobalVars -force -skipAssociation -associateManually
             # wait just one moment before testing membership since we are writing a file
             Start-Sleep 1
             # the new user should be in the membership list:
             $global:JCRRadiusMembers.username | Should -Contain $user.username
+            $Global:JCRUsers.keys | should -Contain $user.id
             # Generate the user cert:
             Start-GenerateUserCerts -type ByUsername -username $($user.username) -forceReplaceCerts
             # Get the certs after
@@ -201,13 +203,14 @@ Describe 'Generate User Cert Tests' -Tag "GenerateUserCerts" {
             # Get the certs before
             $certsBefore = Get-ChildItem -Path "$JCScriptRoot/UserCerts"
             # wait one moment
-            Start-Sleep 2
+            Start-Sleep 1
             # update the cache
             Get-JCRGlobalVars -force -skipAssociation -associateManually
             # wait just one moment before testing membership since we are writing a file
             Start-Sleep 1
             # the new user should be in the membership list:
             $global:JCRRadiusMembers.username | Should -Contain $user.username
+            $Global:JCRUsers.keys | should -Contain $user.id
             # Generate the user cert:
             Start-GenerateUserCerts -type ByUsername -username $($user.username) -forceReplaceCerts
             # Get the certs after