diff --git a/plugins/module_utils/ansible_freeipa_module.py b/plugins/module_utils/ansible_freeipa_module.py
index 5ac52c73..02e02630 100644
--- a/plugins/module_utils/ansible_freeipa_module.py
+++ b/plugins/module_utils/ansible_freeipa_module.py
@@ -285,6 +285,23 @@ def compare_args_ipa(module, args, ipa):  # noqa
     """
     base_debug_msg = "Ansible arguments and IPA commands differed. "
 
+    # If both args and ipa are None, return there's no difference.
+    # If only one is None, return there is a difference.
+    # This tests avoid unecessary invalid access to attributes.
+    if args is None and ipa is None:
+        return True
+    if args is None or ipa is None:
+        module.debug(
+            base_debug_msg + "args is%s None an ipa is%s None" % (
+                "" if args is None else " not", "" if ipa is None else " not",
+            )
+        )
+        return False
+
+    # Fail if args or ipa are not dicts.
+    if not (isinstance(args, dict) and isinstance(ipa, dict)):
+        raise TypeError("Expected 'dicts' to compare.")
+
     for key in args.keys():
         if key not in ipa:
             module.debug(
diff --git a/plugins/modules/ipaprivilege.py b/plugins/modules/ipaprivilege.py
index 18074f58..66af01e5 100644
--- a/plugins/modules/ipaprivilege.py
+++ b/plugins/modules/ipaprivilege.py
@@ -234,14 +234,22 @@ def main():
                 if action == "privilege":
                     # Found the privilege
                     if res_find is not None:
+                        res_cmp = {
+                            k: v for k, v in res_find.items()
+                            if k not in [
+                                "objectclass", "cn", "dn",
+                                "memberof_permisssion"
+                            ]
+                        }
                         # For all settings is args, check if there are
                         # different settings in the find result.
                         # If yes: modify
-                        if not compare_args_ipa(ansible_module, args,
-                                                res_find):
+                        if args and not compare_args_ipa(ansible_module, args,
+                                                         res_cmp):
                             commands.append([name, "privilege_mod", args])
                     else:
                         commands.append([name, "privilege_add", args])
+                        res_find = {}
 
                     member_args = {}
                     if permission:
diff --git a/tests/privilege/test_privilege.yml b/tests/privilege/test_privilege.yml
index 2a13187d..0f6a29d7 100644
--- a/tests/privilege/test_privilege.yml
+++ b/tests/privilege/test_privilege.yml
@@ -140,6 +140,30 @@
     register: result
     failed_when: result.changed or result.failed
 
+  - name: Ensure "Broad Privilege" is absent.
+    ipaprivilege:
+      ipaadmin_password: SomeADMINpassword
+      name: Broad Privilege
+      state: absent
+
+  - name: Ensure privilege Broad Privilege is created with permission. (issue 529)
+    ipaprivilege:
+      ipaadmin_password: SomeADMINpassword
+      name: Broad Privilege
+      permission:
+      - "Write IPA Configuration"
+    register: result
+    failed_when: not result.changed or result.failed
+
+  - name: Ensure privilege Broad Privilege is created with permission, again. (issue 529)
+    ipaprivilege:
+      ipaadmin_password: SomeADMINpassword
+      name: Broad Privilege
+      permission:
+      - "Write IPA Configuration"
+    register: result
+    failed_when: result.changed or result.failed
+
   # CLEANUP TEST ITEMS
 
   - name: Ensure privilege testing privileges are absent