Attempt to sync time if on_master is not set and no_ntp is not set: At
first with given or dicovered time servers. If no ntp servers have been
given or discovered, then with the ipa server.
New parameters:
on_master:
description: IPA client installation on IPA server
required: false
default: false
type: bool
default: no
ntp_servers:
description: List of NTP servers to use
required: false
type: list
default: []
no_ntp:
description: Do not sync time and do not detect time servers
required: false
default: false
type: bool
default: no
The ntp_servers output parameter is now always an empty list if on_master
or no_ntp is set.
When allow_repair is enabled, then the playbook will continue for an
already joined host. The remaining steps ipaconf, ipasssd, krb5, ipaapi,
ipanss and ipaextras will be redone.
If allow_repair is disabled, then the meta module will be
used with the end_play option to stop the processing of the playbook
without an error.
The use of otp can be forced to not transfer the admin password while setting
up the ipa client. Only the one-time-password will be transferred to the
client machine.
ipaclient_password will be overwritten by the otp password.
