ipapwpolicy: Use global_policy if name is not set

If the name is not set, the policy global_policy is now used. It was needed
before to explicitly name the global_policy. Also a check has been added
to fail early if global_policy is used with state absent.

The README for pwpolicy has been extended with an example for global_policy
and also the description of the name variable.

The test has also been extended to check a change of maxlife for
global_policy and that global_policy can not be used with state: absent

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1797532

README-pwpolicy.md

@@ -56,7 +56,7 @@ Example playbook to ensure presence of pwpolicies for exisiting group ops:
       maxfail: 3
 ```
 
-Example playbook to ensure absence of pwpolicies for group ops
+Example playbook to ensure absence of pwpolicies for group ops:
 
 ```yaml
 ---
@@ -72,6 +72,21 @@ Example playbook to ensure absence of pwpolicies for group ops
       state: absent
 ```
 
+Example playbook to ensure maxlife is set to 49 in global policy:
+
+```yaml
+---
+- name: Playbook to handle pwpolicies
+  hosts: ipaserver
+  become: true
+
+  tasks:
+  # Ensure absence of pwpolicies for group ops
+  - ipapwpolicy:
+      ipaadmin_password: MyPassword123
+      maxlife: 49
+```
+
 
 Variables
 =========
@@ -83,7 +98,7 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`name` \| `cn` | The list of pwpolicy name strings. | no
+`name` \| `cn` | The list of pwpolicy name strings. If name is not given, `global_policy` will be used automatically. | no
 `maxlife` \| `krbmaxpwdlife` | Maximum password lifetime in days. (int) | no
 `minlife` \| `krbminpwdlife` | Minimum password lifetime in hours. (int) | no
 `history` \| `krbpwdhistorylength` | Password history size. (int) | no