ipaserver/ipareplica: Always generate SIDs

The SID is always generated in the command line installers in newer IPA
versions. This also needs to be done in the ipaserver and ipareplica roles.

For the IPA versions that are supporting this, the adtrust setup is always
executed to generated the SIDs, but only configures AD trust if
ipaserver_setup_adtrust or ipareplica_setup_adtrust is also enabled. A
check has been added to ipaserver_test and ipareplica_test to only enable
the SID generation for the IPA versions supporting this.

This is related to https://pagure.io/freeipa/8995

Fixes:
- https://bugzilla.redhat.com/show_bug.cgi?id=2110478
- https://bugzilla.redhat.com/show_bug.cgi?id=2110491

roles/ipaserver/tasks/install.yml

@@ -191,6 +191,7 @@
       secondary_rid_base: "{{ ipaserver_secondary_rid_base | default(omit) }}"
       ### additional ###
       setup_ca: "{{ result_ipaserver_test.setup_ca }}"
+      sid_generation_always: "{{ result_ipaserver_test.sid_generation_always }}"
       random_serial_numbers: no
       _hostname_overridden: "{{ result_ipaserver_test._hostname_overridden }}"
     register: result_ipaserver_prepare
@@ -394,7 +395,8 @@
         adtrust_netbios_name: "{{ result_ipaserver_prepare.adtrust_netbios_name }}"
         adtrust_reset_netbios_name:
           "{{ result_ipaserver_prepare.adtrust_reset_netbios_name }}"
-      when: result_ipaserver_test.setup_adtrust
+      when: result_ipaserver_test.setup_adtrust or
+            result_ipaserver_test.sid_generation_always
 
     - name: Install - Set DS password
       ipaserver_set_ds_password: