Merge pull request #196 from rjeffman/fix_logger_info_calls

Removes invalid and unnecessary calls to logger.info.

README-group.md

@@ -52,20 +52,20 @@ Example playbook to add groups:
   tasks:
   # Create group ops with gid 1234
   - ipagroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: ops
       gidnumber: 1234
 
   # Create group sysops
   - ipagroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: sysops
       user:
       - pinky
 
   # Create group appops
   - ipagroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: appops
 ```
 
@@ -80,7 +80,7 @@ Example playbook to add users to a group:
   tasks:
   # Add user member brain to group sysops
   - ipagroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: sysops
       action: member
       user:
@@ -100,7 +100,7 @@ Example playbook to add group members to a group:
   tasks:
   # Add group members sysops and appops to group sysops
   - ipagroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: ops
       group:
       - sysops
@@ -118,7 +118,7 @@ Example playbook to remove groups:
   tasks:
   # Remove goups sysops, appops and ops
   - ipagroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: sysops,appops,ops
       state: absent
 ```
@@ -138,7 +138,7 @@ Variable | Description | Required
 `description` | The group description string. | no
 `gid` \| `gidnumber` | The GID integer. | no
 `nonposix` | Create as a non-POSIX group. (bool) | no
-`external` | Allow adding external non-IPA members from trusted domains. (bool) | no
+`external` | Allow adding external non-IPA members from trusted domains. (flag) | no
 `nomembers` | Suppress processing of membership attributes. (bool) | no
 `user` | List of user name strings assigned to this group. | no
 `group` | List of group name strings assigned to this group. | no

README-hbacrule.md

@@ -50,7 +50,7 @@ Example playbook to make sure HBAC Rule login exists:
   tasks:
   # Ensure HBAC Rule login is present
   - ipahbacrule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: login
 ```
 
@@ -66,7 +66,7 @@ Example playbook to make sure HBAC Rule login exists with the only HBAC Service
   tasks:
   # Ensure HBAC Rule login is present with the only HBAC Service sshd
   - ipahbacrule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: login
       hbacsvc:
       - sshd
@@ -83,7 +83,7 @@ Example playbook to make sure HBAC Service sshd is present in HBAC Rule login:
   tasks:
   # Ensure HBAC Service sshd is present in HBAC Rule login
   - ipahbacrule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: login
       hbacsvc:
       - sshd
@@ -101,7 +101,7 @@ Example playbook to make sure HBAC Service sshd is absent in HBAC Rule login:
   tasks:
   # Ensure HBAC Service sshd is present in HBAC Rule login
   - ipahbacrule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: login
       hbacsvc:
       - sshd
@@ -120,7 +120,7 @@ Example playbook to make sure HBAC Rule login is absent:
   tasks:
   # Ensure HBAC Rule login is present
   - ipahbacrule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: login
       state: absent
 ```

README-hbacsvc.md

@@ -50,7 +50,7 @@ Example playbook to make sure HBAC Service for http is present
   tasks:
   # Ensure HBAC Service for http is present
   - ipahbacsvc:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: http
       description: Web service
 ```
@@ -66,7 +66,7 @@ Example playbook to make sure HBAC Service for tftp is present
   tasks:
   # Ensure HBAC Service for tftp is present
   - ipahbacsvc:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: tftp
       description: TFTPWeb service
 ```
@@ -82,7 +82,7 @@ Example playbook to make sure HBAC Services for http and tftp are absent
   tasks:
   # Ensure HBAC Service for http and tftp are absent
   - ipahbacsvc:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: http,tftp
       state: absent
 ```

README-hbacsvcgroup.md

@@ -50,7 +50,7 @@ Example playbook to make sure HBAC Service Group login exists:
   tasks:
   # Ensure HBAC Service Group login is present
   - ipahbacsvcgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: login
 ```
 
@@ -66,7 +66,7 @@ Example playbook to make sure HBAC Service Group login exists with the only HBAC
   tasks:
   # Ensure HBAC Service Group login is present with the only HBAC Service sshd
   - ipahbacsvcgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: login
       hbacsvc:
       - sshd
@@ -83,7 +83,7 @@ Example playbook to make sure HBAC Service sshd is present in HBAC Service Group
   tasks:
   # Ensure HBAC Service sshd is present in HBAC Service Group login
   - ipahbacsvcgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: login
       hbacsvc:
       - sshd
@@ -101,7 +101,7 @@ Example playbook to make sure HBAC Service sshd is absent in HBAC Service Group
   tasks:
   # Ensure HBAC Service sshd is present in HBAC Service Group login
   - ipahbacsvcgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: login
       hbacsvc:
       - sshd
@@ -120,7 +120,7 @@ Example playbook to make sure HBAC Service Group login is absent:
   tasks:
   # Ensure HBAC Service Group login is present
   - ipahbacsvcgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: login
       state: absent
 ```

README-host.md

@@ -52,7 +52,7 @@ Example playbook to ensure host presence:
   tasks:
   # Ensure host is present
   - ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.example.com
       description: Example host
       ip_address: 192.168.0.123
@@ -65,79 +65,6 @@ Example playbook to ensure host presence:
       - "52:54:00:BD:97:1E"
       state: present
 ```
-Compared to `ipa host-add` command no IP address conflict check is done as the ipahost module supports to have several IPv4 and IPv6 addresses for a host.
-
-
-Example playbook to ensure host presence with several IP addresses:
-
-```yaml
----
-- name: Playbook to handle hosts
-  hosts: ipaserver
-  become: true
-
-  tasks:
-  # Ensure host is present
-  - ipahost:
-      ipaadmin_password: SomeADMINpassword
-      name: host01.example.com
-      description: Example host
-      ip_address:
-      - 192.168.0.123
-      - 192.168.0.124
-      - fe80::20c:29ff:fe02:a1b3
-      - fe80::20c:29ff:fe02:a1b4
-      locality: Lab
-      ns_host_location: Lab
-      ns_os_version: CentOS 7
-      ns_hardware_platform: Lenovo T61
-      mac_address:
-      - "08:00:27:E3:B1:2D"
-      - "52:54:00:BD:97:1E"
-      state: present
-```
-
-
-Example playbook to ensure IP addresses are present for a host:
-
-```yaml
----
-- name: Playbook to handle hosts
-  hosts: ipaserver
-  become: true
-
-  tasks:
-  # Ensure host is present
-  - ipahost:
-      ipaadmin_password: SomeADMINpassword
-      name: host01.example.com
-      ip_address:
-      - 192.168.0.124
-      - fe80::20c:29ff:fe02:a1b4
-      action: member
-      state: present
-```
-
-
-Example playbook to ensure IP addresses are absent for a host:
-
-```yaml
----
-- name: Playbook to handle hosts
-  hosts: ipaserver
-  become: true
-
-  tasks:
-  # Ensure host is present
-  - ipahost:
-      ipaadmin_password: SomeADMINpassword
-      name: host01.example.com
-      ip_address:
-      - 192.168.0.124
-      - fe80::20c:29ff:fe02:a1b4
-      action: member
-      state: absent
-```
 
 
 Example playbook to ensure host presence without DNS:
@@ -151,7 +78,7 @@ Example playbook to ensure host presence without DNS:
   tasks:
   # Ensure host is present without DNS
   - ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host02.example.com
       description: Example host
       force: yes
@@ -169,7 +96,7 @@ Example playbook to ensure host presence with a random password:
   tasks:
   - name: Host host01.example.com present with random password
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.example.com
       random: yes
       force: yes
@@ -193,7 +120,7 @@ Example playbook to ensure presence of several hosts with a random password:
   tasks:
   - name: Hosts host01.example.com and host01.example.com present with random passwords
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       hosts:
       - name: host01.example.com
         random: yes
@@ -225,7 +152,7 @@ Example playbook to ensure presence of host member principal:
   tasks:
   - name: Host host01.example.com present with principals host/testhost01.example.com and host/myhost01.example.com
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.example.com
       principal:
       - host/testhost01.example.com
@@ -244,7 +171,7 @@ Example playbook to ensure presence of host member certificate:
   tasks:
   - name: Host host01.example.com present with certificate
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.example.com
       certificate:
       - MIIC/zCCAeegAwIBAg...
@@ -262,7 +189,7 @@ Example playbook to ensure presence of member managedby_host for serveral hosts:
 
   tasks:
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       hosts:
       - name: host01.exmaple.com
         managedby_host: server.exmaple.com
@@ -283,12 +210,12 @@ Example playbook to disable a host:
   tasks:
   # Ensure host is disabled
   - ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.example.com
       update_dns: yes
       state: disabled
 ```
-`update_dns` controls if the DNS entries will be updated in this case. For `state` present it is controlling the update of the DNS SSHFP records, but not the the other DNS records.
+`update_dns` controls if the DNS entries will be updated.
 
 
 Example playbook to ensure a host is absent:
@@ -359,8 +286,8 @@ Variable | Description | Required
 `ok_to_auth_as_delegate` \| `ipakrboktoauthasdelegate` | The service is allowed to authenticate on behalf of a client (bool) | no
 `force` | Force host name even if not in DNS. | no
 `reverse` | Reverse DNS detection. | no
-`ip_address` \| `ipaddress` | The host IP address list. It can contain IPv4 and IPv6 addresses. No conflict check for IP addresses is done. | no
-`update_dns` | For existing hosts: DNS SSHFP records are updated with `state` present and all DNS entries for a host removed with `state` absent. | no
+`ip_address` \| `ipaddress` | The host IP address. | no
+`update_dns` | Update DNS entries. | no
 
 
 Return Values

README-hostgroup.md

@@ -52,7 +52,7 @@ Example playbook to make sure hostgroup databases exists:
   tasks:
   # Ensure host-group databases is present
   - ipahostgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: databases
       host:
       - db.example.com
@@ -72,7 +72,7 @@ Example playbook to make sure that hosts and hostgroups are present in existing
   tasks:
   # Ensure hosts and hostgroups are present in existing databases hostgroup
   - ipahostgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: databases
       host:
       - db.example.com
@@ -94,7 +94,7 @@ Example playbook to make sure hosts and hostgroups are absent in databases hostg
   tasks:
   # Ensure hosts and hostgroups are absent in databases hostgroup
   - ipahostgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: databases
       host:
       - db.example.com
@@ -116,7 +116,7 @@ Example playbook to make sure host-group databases is absent:
   tasks:
   # Ensure host-group databases is absent
   - ipahostgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: databases
       state: absent
 ```

README-pwpolicy.md

@@ -45,7 +45,7 @@ Example playbook to ensure presence of pwpolicies for exisiting group ops:
   tasks:
   - name: Ensure presence of pwpolicies for group ops
     ipapwpolicy:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: ops
       minlife: 7
       maxlife: 49
@@ -56,7 +56,7 @@ Example playbook to ensure presence of pwpolicies for exisiting group ops:
       maxfail: 3
 ```
 
-Example playbook to ensure absence of pwpolicies for group ops:
+Example playbook to ensure absence of pwpolicies for group ops
 
 ```yaml
 ---
@@ -67,26 +67,11 @@ Example playbook to ensure absence of pwpolicies for group ops:
   tasks:
   # Ensure absence of pwpolicies for group ops
   - ipapwpolicy:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: ops
       state: absent
 ```
 
-Example playbook to ensure maxlife is set to 49 in global policy:
-
-```yaml
----
-- name: Playbook to handle pwpolicies
-  hosts: ipaserver
-  become: true
-
-  tasks:
-  # Ensure absence of pwpolicies for group ops
-  - ipapwpolicy:
-      ipaadmin_password: SomeADMINpassword
-      maxlife: 49
-```
-
 
 Variables
 =========
@@ -98,7 +83,7 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`name` \| `cn` | The list of pwpolicy name strings. If name is not given, `global_policy` will be used automatically. | no
+`name` \| `cn` | The list of pwpolicy name strings. | no
 `maxlife` \| `krbmaxpwdlife` | Maximum password lifetime in days. (int) | no
 `minlife` \| `krbminpwdlife` | Minimum password lifetime in hours. (int) | no
 `history` \| `krbpwdhistorylength` | Password history size. (int) | no

README-service.md

@@ -1,319 +0,0 @@
-Service module
-==============
-
-Description
------------
-
-The service module allows to ensure presence and absence of services.
-
-
-Features
---------
-
-* Service management
-
-
-Supported FreeIPA Versions
---------------------------
-
-FreeIPA versions 4.4.0 and up are supported by the ipaservice module.
-
-Option `skip_host_check` requires FreeIPA version 4.7.0 or later.
-
-
-Requirements
-------------
-
-**Controller**
-* Ansible version: 2.8+
-
-**Node**
-* Supported FReeIPA version (see above)
-
-
-Usage
-=====
-
-Example inventory file
-
-```ini
-[ipaserver]
-ipaserver.test.local
-```
-
-
-Example playbook to make sure service is present:
-
-```yaml
----
-- name: Playbook to manage IPA service.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure service is present
-  - ipaservice:
-      ipaadmin_password: SomeADMINpassword
-      name: HTTP/www.example.com
-      certificate:
-        - MIIC/zCCAeegAwIBAgIUMNHIbn+hhrOVew/2WbkteisV29QwDQYJKoZIhvcNAQELBQAw
-        DzENMAsGA1UEAwwEdGVzdDAeFw0yMDAyMDQxNDQxMDhaFw0zMDAyMDExNDQxMDhaMA8xDT
-        ALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+XVVGFYpH
-        VkcDfVnNInE1Y/pFciegdzqTjMwUWlRL4Zt3u96GhaMLRbtk+OfEkzLUAhWBOwEraELJzM
-        LJOMvjYF3C+TiGO7dStFLikZmccuSsSIXjnzIPwBXa8KvgRVRyGLoVvGbLJvmjfMXp0nIT
-        oTx/i74KF9S++WEes9H5ErJ99CDhLKFgq0amnvsgparYXhypHaRLnikn0vQINt55YoEd1s
-        4KrvEcD2VdZkIMPbLRu2zFvMprF3cjQQG4LT9ggfEXNIPZ1nQWAnAsu7OJEkNF+E4Mkmpc
-        xj9aGUVt5bsq1D+Tzj3GsidSX0nSNcZ2JltXRnL/5v63g5cZyE+nAgMBAAGjUzBRMB0GA1
-        UdDgQWBBRV0j7JYukuH/r/t9+QeNlRLXDlEDAfBgNVHSMEGDAWgBRV0j7JYukuH/r/t9+Q
-        eNlRLXDlEDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCgVy1+1kNwHs
-        5y1Zp0WjMWGCJC6/zw7FDG4OW5r2GJiCXZYdJ0UonY9ZtoVLJPrp2/DAv1m5DtnDhBYqic
-        uPgLzEkOS1KdTi20Otm/J4yxLLrZC5W4x0XOeSVPXOJuQWfwQ5pPvKkn6WxYUYkGwIt1OH
-        2nSMngkbami3CbSmKZOCpgQIiSlQeDJ8oGjWFMLDymYSHoVOIXHwNoooyEiaio3693l6no
-        obyGv49zyCVLVR1DC7i6RJ186ql0av+D4vPoiF5mX7+sKC2E8xEj9uKQ5GTWRh59VnRBVC
-        /SiMJ/H78tJnBAvoBwXxSEvj8Z3Kjm/BQqZfv4IBsA5yqV7MVq
-      pac_type: PAD
-      auth_ind: otp
-      requires_pre_auth: false
-      ok_as_delegate: false
-      ok_to_auth_as_delegate: false
-      skip-host-check: true
-      force: true
-```
-
-
-Example playbook to make sure service is absent:
-
-```yaml
----
-- name: Playbook to manage IPA service.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure service is present
-  - ipaservice:
-      ipaadmin_password: SomeADMINpassword
-      name: HTTP/www.example.com
-      state: absent
-```
-
-
-Example playbook to make sure service is disabled:
-
-```yaml
----
-- name: Playbook to manage IPA service.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure service is present
-  - ipaservice:
-      ipaadmin_password: SomeADMINpassword
-      name: HTTP/www.example.com
-      state: disabled
-```
-
-Example playbook to add a service even if the host object does not exist, but only if it does have a DNS entry:
-
-```yaml
----
-- name: Playbook to manage IPA service.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure service is present
-  - ipaservice:
-      ipaadmin_password: SomeADMINpassword
-      name: HTTP/www.example.com
-      skip_host_check: true
-      force: false
-```
-
-Example playbook to add a service if it does have a DNS entry, but host object exits:
-
-```yaml
----
-- name: Playbook to manage IPA service.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure service is present
-  - ipaservice:
-      ipaadmin_password: SomeADMINpassword
-      name: HTTP/www.example.com
-      skip_host_check: false
-      force: true
-```
-
-Example playbook to ensure service has a certificate:
-
-```yaml
----
-- name: Playbook to manage IPA service.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure service member certificate is present.
-  - ipaservice:
-      ipaadmin_password: SomeADMINpassword
-      name: HTTP/www.example.com
-      certificate:
-        - MIIC/zCCAeegAwIBAgIUMNHIbn+hhrOVew/2WbkteisV29QwDQYJKoZIhvcNAQELBQAw
-        DzENMAsGA1UEAwwEdGVzdDAeFw0yMDAyMDQxNDQxMDhaFw0zMDAyMDExNDQxMDhaMA8xDT
-        ALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+XVVGFYpH
-        VkcDfVnNInE1Y/pFciegdzqTjMwUWlRL4Zt3u96GhaMLRbtk+OfEkzLUAhWBOwEraELJzM
-        LJOMvjYF3C+TiGO7dStFLikZmccuSsSIXjnzIPwBXa8KvgRVRyGLoVvGbLJvmjfMXp0nIT
-        oTx/i74KF9S++WEes9H5ErJ99CDhLKFgq0amnvsgparYXhypHaRLnikn0vQINt55YoEd1s
-        4KrvEcD2VdZkIMPbLRu2zFvMprF3cjQQG4LT9ggfEXNIPZ1nQWAnAsu7OJEkNF+E4Mkmpc
-        xj9aGUVt5bsq1D+Tzj3GsidSX0nSNcZ2JltXRnL/5v63g5cZyE+nAgMBAAGjUzBRMB0GA1
-        UdDgQWBBRV0j7JYukuH/r/t9+QeNlRLXDlEDAfBgNVHSMEGDAWgBRV0j7JYukuH/r/t9+Q
-        eNlRLXDlEDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCgVy1+1kNwHs
-        5y1Zp0WjMWGCJC6/zw7FDG4OW5r2GJiCXZYdJ0UonY9ZtoVLJPrp2/DAv1m5DtnDhBYqic
-        uPgLzEkOS1KdTi20Otm/J4yxLLrZC5W4x0XOeSVPXOJuQWfwQ5pPvKkn6WxYUYkGwIt1OH
-        2nSMngkbami3CbSmKZOCpgQIiSlQeDJ8oGjWFMLDymYSHoVOIXHwNoooyEiaio3693l6no
-        obyGv49zyCVLVR1DC7i6RJ186ql0av+D4vPoiF5mX7+sKC2E8xEj9uKQ5GTWRh59VnRBVC
-        /SiMJ/H78tJnBAvoBwXxSEvj8Z3Kjm/BQqZfv4IBsA5yqV7MVq
-      action: member
-      state: present
-```
-
-Example playbook to add a principal to the service:
-
-```yaml
----
-- name: Playbook to manage IPA service.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-    # Principal host/test.example.com present in service.
-    - ipaservice:
-        ipaadmin_password: SomeADMINpassword
-        name: HTTP/www.example.com
-        principal: host/principal.example.com
-        action: member
-```
-
-Example playbook to enable a host to manage service:
-
-```yaml
----
-- name: Playbook to manage IPA service.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-    # Ensure host can manage service, again.
-    - ipaservice:
-        ipaadmin_password: SomeADMINpassword
-        name: HTTP/www.example.com
-        host: host1.example.com
-        action: member
-```
-
-Example playbook to allow users, groups, hosts or hostgroups to create a keytab of this service:
-
-```yaml
----
-- name: Playbook to manage IPA service.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-    # Allow users, groups, hosts or host groups to create a keytab of this service.
-    - ipaservice:
-        ipaadmin_password: SomeADMINpassword
-        name: HTTP/www.example.com
-        allow_create_keytab_user:
-        - user01
-        - user02
-        allow_create_keytab_group:
-        - group01
-        - group02
-        allow_create_keytab_host:
-        - host1.example.com
-        - host2.example.com
-        allow_create_keytab_hostgroup:
-        - hostgroup01
-        - hostgroup02
-        action: member
-```
-
-Example playbook to allow users, groups, hosts or hostgroups to retrieve a keytab of this service:
-
-```yaml
----
-- name: Playbook to manage IPA service.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-    # Allow users, groups, hosts or host groups to retrieve a keytab of this service.
-    - ipaservice:
-        ipaadmin_password: SomeADMINpassword
-        name: HTTP/www.example.com
-        allow_retrieve_keytab_user:
-        - user01
-        - user02
-        allow_retrieve_keytab_group:
-        - group01
-        - group02
-        allow_retrieve_keytab_host:
-        - "{{ host1_fqdn }}"
-        - "{{ host2_fqdn }}"
-        allow_retrieve_keytab_hostgroup:
-        - hostgroup01
-        - hostgroup02
-        action: member
-```
-
-
-Variables
----------
-
-ipaservice
-
-Variable | Description | Required
--------- | ----------- | --------
-`ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
-`ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`name` \| `service` | The list of service name strings. | yes
-`certificate` \| `usercertificate` | Base-64 encoded service certificate. | no
-`pac_type` \| `ipakrbauthzdata` | Supported PAC type. It can be one of `MS-PAC`, `PAD`, or `NONE`. | no
-`auth_ind` \| `krbprincipalauthind` | Defines a whitelist for Authentication Indicators. It can be any of `otp`, `radius`, `pkinit`, or `hardened`. | no
-`requires_pre_auth` \| `ipakrbrequirespreauth` | Pre-authentication is required for the service. Default to true. (bool) | no
-`ok_as_delegate` \|  `ipakrbokasdelegate` | Client credentials may be delegated to the service. Default to false. (bool) | no
-`ok_to_auth_as_delegate` \|  `ipakrboktoauthasdelegate` | The service is allowed to authenticate on behalf of a client. Default to false. (bool) | no
-`skip_host_check` | Force service to be created even when host object does not exist to manage it. Default to false. (bool)| no
-`force` | Force principal name even if host not in DNS. Default to false. (bool) | no
-`host` \| `managedby_host`| Hosts that can manage the service. | no
-`allow_create_keytab_user` \| `ipaallowedtoperform_write_keys_user` | Users allowed to create a keytab of this host. | no
-`allow_create_keytab_group` \| `ipaallowedtoperform_write_keys_group`| Groups allowed to create a keytab of this host. | no
-`allow_create_keytab_host` \| `ipaallowedtoperform_write_keys_host`| Hosts allowed to create a keytab of this host. | no
-`allow_create_keytab_hostgroup` \| `ipaallowedtoperform_write_keys_group`| Host groups allowed to create a keytab of this host. | no
-`allow_retrieve_keytab_user` \| `ipaallowedtoperform_read_keys_user` | Users allowed to retrieve a keytab of this host. | no
-`allow_retrieve_keytab_group` \| `ipaallowedtoperform_read_keys_group` | Groups allowed to retrieve a keytab of this host. | no
-`allow_retrieve_keytab_host` \| `ipaallowedtoperform_read_keys_host` | Hosts allowed to retrieve a keytab from of host. | no
-`allow_retrieve_keytab_hostgroup` \| `ipaallowedtoperform_read_keys_hostgroup` | Host groups allowed to retrieve a keytab of this host. | no
-`action` | Work on service or member level. It can be on of `member` or `service` and defaults to `service`. | no
-`state` | The state to ensure. It can be one of `present`, `absent`, or `disabled`, default: `present`. | no
-
-
-Authors
-=======
-
-Rafael Jeffman

README-sudocmd.md

@@ -52,7 +52,7 @@ Example playbook to make sure sudocmd exists:
   tasks:
   # Ensure sudocmd is present
   - ipasudocmd:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: /usr/bin/su
       state: present
 ```
@@ -68,7 +68,7 @@ Example playbook to make sure sudocmd is absent:
   tasks:
   # Ensure sudocmd are absent
   - ipahostgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: /usr/bin/su
       state: absent
 ```

README-sudocmdgroup.md

@@ -52,7 +52,7 @@ Example playbook to make sure sudocmdgroup is present:
   tasks:
   # Ensure sudocmdgroup is present
   - ipasudocmdgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: group01
       description: Group of important commands
 ```
@@ -68,7 +68,7 @@ Example playbook to make sure that a sudo command and sudocmdgroups are present
   tasks:
   # Ensure sudo commands are present in existing sudocmdgroup
   - ipasudocmdgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: group01
       sudocmd:
       - /usr/bin/su
@@ -88,7 +88,7 @@ Example playbook to make sure that a sudo command and sudocmdgroups are absent i
   tasks:
   # Ensure sudocmds are absent in existing sudocmdgroup
   - ipasudocmdgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: group01
       sudocmd:
       - /usr/bin/su
@@ -108,7 +108,7 @@ Example playbook to make sure sudocmdgroup is absent:
   tasks:
   # Ensure sudocmdgroup is absent
   - ipasudocmdgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: group01
       state: absent
 ```

README-sudorule.md

@@ -50,7 +50,7 @@ Example playbook to make sure Sudo Rule is present:
   tasks:
   # Ensure Sudo Rule is present
   - ipasudorule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: testrule1
 ```
 
@@ -66,9 +66,9 @@ Example playbook to make sure sudocmds are present in Sudo Rule:
   tasks:
   # Ensure Sudo Rule is present
   - ipasudorule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: testrule1
-      allow_sudocmd:
+      cmd:
       - /sbin/ifconfig
       action: member
 ```
@@ -85,9 +85,9 @@ Example playbook to make sure sudocmds are not present in Sudo Rule:
   tasks:
   # Ensure Sudo Rule is present
   - ipasudorule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: testrule1
-      allow_sudocmd:
+      cmd:
       - /sbin/ifconfig
       action: member
       state: absent
@@ -104,7 +104,7 @@ Example playbook to make sure Sudo Rule is absent:
   tasks:
   # Ensure Sudo Rule is present
   - ipasudorule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: testrule1
       state: absent
 ```
@@ -130,14 +130,8 @@ Variable | Description | Required
 `hostgroup` | List of host group name strings assigned to this sudorule. | no
 `user` | List of user name strings assigned to this sudorule. | no
 `group` | List of user group name strings assigned to this sudorule. | no
-`allow_sudocmd` | List of sudocmd name strings assigned to the allow group of this sudorule. | no
-`deny_sudocmd` | List of sudocmd name strings assigned to the deny group of this sudorule. | no
-`allow_sudocmdgroup` | List of sudocmd groups name strings assigned to the allow group of this sudorule. | no
-`deny_sudocmdgroup` | List of sudocmd groups name strings assigned to the deny group of this sudorule. | no
-`sudooption` \| `option` | List of options to the sudorule | no
-`order` | Integer to order the sudorule | no
-`runasuser` | List of users for Sudo to execute as. | no
-`runasgroup` | List of groups for Sudo to execute as. | no
+`cmd` | List of sudocmd name strings assigned to this sudorule. | no
+`cmdgroup` | List of sudocmd group name strings assigned wto this sudorule. | no
 `action` | Work on sudorule or member level. It can be on of `member` or `sudorule` and defaults to `sudorule`. | no
 `state` | The state to ensure. It can be one of `present`, `absent`, `enabled` or `disabled`, default: `present`. | no
 

README-topology.md

@@ -50,7 +50,7 @@ Example playbook to add a topology segment with default name (cn):
   tasks:
   - name: Add topology segment
     ipatopologysegment:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       suffix: domain
       left: ipareplica1.test.local
       right: ipareplica2.test.local
@@ -70,7 +70,7 @@ Example playbook to delete a topology segment:
   tasks:
   - name: Delete topology segment
     ipatopologysegment:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       suffix: domain
       left: ipareplica1.test.local
       right: ipareplica2.test.local
@@ -90,7 +90,7 @@ Example playbook to reinitialize a topology segment:
   tasks:
   - name: Reinitialize topology segment
     ipatopologysegment:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       suffix: domain
       left: ipareplica1.test.local
       right: ipareplica2.test.local
@@ -111,7 +111,7 @@ Example playbook to verify a topology suffix:
   tasks:
   - name: Verify topology suffix
     ipatopologysuffix:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       suffix: domain
       state: verified
 ```

README-user.md

@@ -52,7 +52,7 @@ Example playbook to ensure a user is present:
   tasks:
   # Ensure user pinky is present
   - ipauser:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: pinky
       first: pinky
       last: Acme
@@ -66,7 +66,7 @@ Example playbook to ensure a user is present:
 
   # Ensure user brain is present
   - ipauser:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: brain
       first: brain
       last: Acme
@@ -85,7 +85,7 @@ These two `ipauser` module calls can be combined into one with the `users` varia
   tasks:
   # Ensure users pinky and brain are present
   - ipauser:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       users:
       - name: pinky
         first: pinky
@@ -153,7 +153,7 @@ Ensure user pinky is present with a generated random password and print the rand
   tasks:
   # Ensure user pinky is present with a random password
   - ipauser:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: brain
       first: brain
       last: Acme
@@ -176,7 +176,7 @@ Ensure users pinky and brain are present with a generated random password and pr
   tasks:
   # Ensure users pinky and brain are present with random password
   - ipauser:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       users:
       - name: pinky
         first: pinky
@@ -212,7 +212,7 @@ Example playbook to delete a user, but preserve it:
   tasks:
   # Remove but preserve user pinky
   - ipauser:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: pinky
       preserve: yes
       state: absent
@@ -231,7 +231,7 @@ Example playbook to delete a user, but preserve it using the `users` variable:
   tasks:
   # Remove but preserve user pinky
   - ipauser:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       users:
       - name: pinky
       preserve: yes
@@ -252,7 +252,7 @@ Example playbook to undelete a preserved user.
   tasks:
   # Undelete preserved user pinky
   - ipauser:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: pinky
       state: undeleted
 ```
@@ -271,7 +271,7 @@ Example playbook to disable a user:
   tasks:
   # Disable user pinky
   - ipauser:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: pinky
       state: disabled
 ```
@@ -290,7 +290,7 @@ Example playbook to enable users:
   tasks:
   # Enable user pinky and brain
   - ipauser:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: pinky,brain
       state: enabled
 ```
@@ -309,7 +309,7 @@ Example playbook to unlock users:
   tasks:
   # Unlock user pinky and brain
   - ipauser:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: pinky,brain
       state: unlocked
 ```
@@ -326,7 +326,7 @@ Example playbook to ensure users are absent:
   tasks:
   # Ensure users pinky and brain are absent
   - ipauser:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: pinky,brain
       state: absent
 ```
@@ -345,7 +345,7 @@ Example playbook to ensure users are absent:
   tasks:
   # Ensure users pinky and brain are absent
   - ipauser:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       users:
       - name: pinky
       - name: brain

README-vault.md

@@ -51,7 +51,7 @@ Example playbook to make sure vault is present:
 
   tasks:
   - ipavault:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: symvault
       username: admin
       vault_password: MyVaultPassword123
@@ -68,7 +68,7 @@ Example playbook to make sure that a vault and its members are present:
 
   tasks:
   - ipavault:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: symvault
       username: admin
       users: user01
@@ -86,7 +86,7 @@ Example playbook to make sure that a vault member is present in vault:
 
   tasks:
   - ipavault:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: symvault
       username: admin
       users: user01
@@ -103,7 +103,7 @@ Example playbook to make sure that a vault owner is absent in vault:
 
   tasks:
   - ipavault:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: symvault
       username: admin
       owner: user01
@@ -121,7 +121,7 @@ Example playbook to make sure vault data is present in a symmetric vault:
 
   tasks:
   - ipavault:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: symvault
       username: admin
       vault_password: MyVaultPassword123
@@ -141,7 +141,7 @@ Example playbook to make sure vault data is absent in a symmetric vault:
 
   tasks:
   - ipavault:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: symvault
       username: admin
       vault_password: MyVaultPassword123
@@ -159,7 +159,7 @@ Example playbook to make sure vault is absent:
 
   tasks:
   - ipavault:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: symvault
       username: admin
       state: absent

README.md

@@ -18,7 +18,6 @@ Features
 * Modules for host management
 * Modules for hostgroup management
 * Modules for pwpolicy management
-* Modules for service management
 * Modules for sudocmd management
 * Modules for sudocmdgroup management
 * Modules for sudorule management
@@ -414,7 +413,6 @@ Modules in plugin/modules
 * [ipahost](README-host.md)
 * [ipahostgroup](README-hostgroup.md)
 * [ipapwpolicy](README-pwpolicy.md)
-* [ipaservice](README-service.md)
 * [ipasudocmd](README-sudocmd.md)
 * [ipasudocmdgroup](README-sudocmdgroup.md)
 * [ipasudorule](README-sudorule.md)

playbooks/hbacrule/ensure-hbarule-allhosts-absent.yml

@@ -7,6 +7,6 @@
   tasks:
   - name: Ensure HBAC Rule allhosts is absent
     ipahbacrule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: allhosts
       state: absent

playbooks/hbacrule/ensure-hbarule-allhosts-disabled.yml

@@ -7,6 +7,6 @@
   tasks:
   - name: Ensure HBAC Rule allhosts is disabled
     ipahbacrule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: allhosts
       state: disabled

playbooks/hbacrule/ensure-hbarule-allhosts-enabled.yml

@@ -7,6 +7,6 @@
   tasks:
   - name: Ensure HBAC Rule allhosts is enabled
     ipahbacrule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: allhosts
       state: enabled

playbooks/hbacrule/ensure-hbarule-allhosts-present.yml

@@ -7,6 +7,6 @@
   tasks:
   - name: Ensure HBAC Rule allhosts is present
     ipahbacrule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: allhosts
       usercategory: all

playbooks/hbacrule/ensure-hbarule-allhosts-server-member-absent.yml

@@ -7,7 +7,7 @@
   tasks:
   - name: Ensure host server is absent in HBAC Rule allhosts
     ipahbacrule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: allhosts
       host: server
       action: member

playbooks/hbacrule/ensure-hbarule-allhosts-server-member-present.yml

@@ -7,7 +7,7 @@
   tasks:
   - name: Ensure host server is present in HBAC Rule allhosts
     ipahbacrule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: allhosts
       host: server
       action: member

playbooks/hbacsvc/ensure-hbacsvc-absent.yml

@@ -7,6 +7,6 @@
   tasks:
   - name: Ensure HBAC Services for http and tftp are absent
     ipahbacsvc:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: http,tftp
       state: absent

playbooks/hbacsvc/ensure-hbacsvc-present.yml

@@ -7,12 +7,12 @@
   tasks:
   - name: Ensure HBAC Service for http is present
     ipahbacsvc:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: http
       description: Web service
 
   - name: Ensure HBAC Service for tftp is present
     ipahbacsvc:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: tftp
       description: TFTP service

playbooks/hbacsvcgroup/ensure-hbacsvcgroup-absent.yml

@@ -7,7 +7,7 @@
   tasks:
   - name: Ensure HBAC Service Group login is absent
     ipahbacsvcgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: login
       hbacsvc:
       - sshd

playbooks/hbacsvcgroup/ensure-hbacsvcgroup-member-absent.yml

@@ -7,7 +7,7 @@
   tasks:
   - name: Ensure HBAC Services sshd is absent in HBAC Service Group login
     ipahbacsvcgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: login
       hbacsvc:
       - sshd

playbooks/hbacsvcgroup/ensure-hbacsvcgroup-member-present.yml

@@ -7,7 +7,7 @@
   tasks:
   - name: Ensure HBAC Service sshd is present in HBAC Service Group login
     ipahbacsvcgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: login
       hbacsvc:
       - sshd

playbooks/hbacsvcgroup/ensure-hbacsvcgroup-present.yml

@@ -7,7 +7,7 @@
   tasks:
   - name: Ensure HBAC Service sshd is present in HBAC Service Group login
     ipahbacsvcgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: login
       hbacsvc:
       - sshd

playbooks/host/delete-host.yml

@@ -6,6 +6,6 @@
   tasks:
   - name: Ensure host host01.example.com is absent
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.example.com
       state: absent

playbooks/host/disable-host.yml

@@ -6,6 +6,6 @@
   tasks:
   - name: Disable host host01.example.com
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.example.com
       state: disabled

playbooks/host/ensure_host_with_randompassword.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Host "{{ 'host1.' + ipaserver_domain }}" present with random password
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: "{{ 'host1.' + ipaserver_domain }}"
       random: yes
       force: yes

playbooks/host/host-member-allow_create_keytab-absent.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Host host1.example.com members allow_create_keytab absent for users, groups, hosts and hostgroups
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.exmaple.com
       allow_create_keytab_user:
       - user01

playbooks/host/host-member-allow_create_keytab-present.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Host host1.example.com members allow_create_keytab present for users, groups, hosts and hostgroups
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.exmaple.com
       allow_create_keytab_user:
       - user01

playbooks/host/host-member-allow_retrieve_keytab-absent.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Host host1.example.com members allow_retrieve_keytab absent for users, groups, hosts and hostgroups
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.exmaple.com
       allow_retrieve_keytab_user:
       - user01

playbooks/host/host-member-allow_retrieve_keytab-present.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Host host1.example.com members allow_retrieve_keytab present for users, groups, hosts and hostgroups
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.exmaple.com
       allow_retrieve_keytab_user:
       - user01

playbooks/host/host-member-certificate-absent.yml

@@ -5,7 +5,7 @@
   tasks:
   - name: Host host01.example.com member certificate absent
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.example.com
       certificate:
       - MIIC/zCCAeegAwIBAgIUZGHLaSYg1myp6EI4VGWSC27vOrswDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4MzVaFw0yMDEwMTMxNjI4MzVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDER/lB8wUAmPTSwSc/NOXNlzdpPOQDSwrhKH6XsqZF4KpQoSY/nmCjAhJmOVpOUo4K2fGRZ0yAH9fkGv6yJP6c7IAFjLeec7GPHVwN4bZrP1DXfTAmfmXhcRQbCYkV+wmq8Puzw/+xA9EJrrodnJPPsE6E8HnSVLF6Ys9+cJMJ7HuwOI+wYt3gkmspsir1tccmf4x1PP+yHJWdcXyetlFRcmZ8gspjqOR2jb89xSQsh8gcyDW6rPNlSTzYZ2FmNtjES6ZhCsYL31fQbF2QglidlLGpAlvHUUS+xCigW73cvhFPMWXcfO51Mr15RcgYTckY+7QZ2nYqplRBoDlQl6DnAgMBAAGjUzBRMB0GA1UdDgQWBBTPG99XVRdxpOXMZo3Nhy+ldnf13TAfBgNVHSMEGDAWgBTPG99XVRdxpOXMZo3Nhy+ldnf13TAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAjWTcnIl2mpNbfHAN8DB4Kk+RNRmhsH0y+r/47MXVTMMMToCfofeNY3Jeohu+2lIXMPQfTvXUbDTkNAGsGLv6LtQEUfSREqgk1eY7bT9BFfpH1uV2ZFhCO9jBA+E4bf55Kx7bgUNG31ykBshOsOblOJM1lS/0q4TWHAxrsU2PNwPi8X0ten+eGeB8aRshxS17Ij2cH0fdAMmSA+jMAvTIZl853Bxe0HuozauKwOFWL4qHm61c4O/j1mQCLqJKYfJ9mBDWFQLszd/tF+ePKiNhZCQly60F8Lumn2CDZj5UIkl8wk9Wls5n1BIQs+M8AN65NAdv7+js8jKUKCuyji8r3

playbooks/host/host-member-certificate-present.yml

@@ -5,7 +5,7 @@
   tasks:
   - name: Host host01.example.com member certificate present
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.example.com
       certificate:
       - MIIC/zCCAeegAwIBAgIUZGHLaSYg1myp6EI4VGWSC27vOrswDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4MzVaFw0yMDEwMTMxNjI4MzVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDER/lB8wUAmPTSwSc/NOXNlzdpPOQDSwrhKH6XsqZF4KpQoSY/nmCjAhJmOVpOUo4K2fGRZ0yAH9fkGv6yJP6c7IAFjLeec7GPHVwN4bZrP1DXfTAmfmXhcRQbCYkV+wmq8Puzw/+xA9EJrrodnJPPsE6E8HnSVLF6Ys9+cJMJ7HuwOI+wYt3gkmspsir1tccmf4x1PP+yHJWdcXyetlFRcmZ8gspjqOR2jb89xSQsh8gcyDW6rPNlSTzYZ2FmNtjES6ZhCsYL31fQbF2QglidlLGpAlvHUUS+xCigW73cvhFPMWXcfO51Mr15RcgYTckY+7QZ2nYqplRBoDlQl6DnAgMBAAGjUzBRMB0GA1UdDgQWBBTPG99XVRdxpOXMZo3Nhy+ldnf13TAfBgNVHSMEGDAWgBTPG99XVRdxpOXMZo3Nhy+ldnf13TAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAjWTcnIl2mpNbfHAN8DB4Kk+RNRmhsH0y+r/47MXVTMMMToCfofeNY3Jeohu+2lIXMPQfTvXUbDTkNAGsGLv6LtQEUfSREqgk1eY7bT9BFfpH1uV2ZFhCO9jBA+E4bf55Kx7bgUNG31ykBshOsOblOJM1lS/0q4TWHAxrsU2PNwPi8X0ten+eGeB8aRshxS17Ij2cH0fdAMmSA+jMAvTIZl853Bxe0HuozauKwOFWL4qHm61c4O/j1mQCLqJKYfJ9mBDWFQLszd/tF+ePKiNhZCQly60F8Lumn2CDZj5UIkl8wk9Wls5n1BIQs+M8AN65NAdv7+js8jKUKCuyji8r3

playbooks/host/host-member-ipaddresses-absent.yml

@@ -1,17 +0,0 @@
----
-- name: Host member IP addresses absent
-  hosts: ipaserver
-  become: true
-
-  tasks:
-  - name: Ensure host01.example.com IP addresses absent
-    ipahost:
-      ipaadmin_password: SomeADMINpassword
-      name: host01.example.com
-      ip_address:
-      - 192.168.0.123
-      - fe80::20c:29ff:fe02:a1b3
-      - 192.168.0.124
-      - fe80::20c:29ff:fe02:a1b4
-      action: member
-      state: absent

playbooks/host/host-member-ipaddresses-present.yml

@@ -1,16 +0,0 @@
----
-- name: Host member IP addresses present
-  hosts: ipaserver
-  become: true
-
-  tasks:
-  - name: Ensure host01.example.com IP addresses present
-    ipahost:
-      ipaadmin_password: SomeADMINpassword
-      name: host01.example.com
-      ip_address:
-      - 192.168.0.123
-      - fe80::20c:29ff:fe02:a1b3
-      - 192.168.0.124
-      - fe80::20c:29ff:fe02:a1b4
-      action: member

playbooks/host/host-member-managedby_host-absent.yml

@@ -5,7 +5,7 @@
 
   tasks:
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.exmaple.com
       managedby_host: server.exmaple.com
       action: member

playbooks/host/host-member-managedby_host-present.yml

@@ -5,7 +5,7 @@
 
   tasks:
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.exmaple.com
       managedby_host: server.exmaple.com
       action: member

playbooks/host/host-member-principal-absent.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Host host01.example.com principals host/testhost01.example.com and host/myhost01.example.com absent
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.example.com
       principal:
       - host/testhost01.example.com

playbooks/host/host-member-principal-present.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Host host01.example.com principals host/testhost01.example.com and host/myhost01.example.com present
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.example.com
       principal:
       - host/testhost01.example.com

playbooks/host/host-present-with-allow_create_keytab.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Host host1.example.com present with allow_create_keytab for users, groups, hosts and hostgroups
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.exmaple.com
       allow_create_keytab_user:
       - user01

playbooks/host/host-present-with-allow_retrieve_keytab.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Host host1.example.com present with allow_retrieve_keytab for users, groups, hosts and hostgroups
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.exmaple.com
       allow_retrieve_keytab_user:
       - user01

playbooks/host/host-present-with-certificate.yml

@@ -5,7 +5,7 @@
   tasks:
   - name: Host host01.example.com present with certificate
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.example.com
       certificate:
       - MIIC/zCCAeegAwIBAgIUZGHLaSYg1myp6EI4VGWSC27vOrswDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4MzVaFw0yMDEwMTMxNjI4MzVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDER/lB8wUAmPTSwSc/NOXNlzdpPOQDSwrhKH6XsqZF4KpQoSY/nmCjAhJmOVpOUo4K2fGRZ0yAH9fkGv6yJP6c7IAFjLeec7GPHVwN4bZrP1DXfTAmfmXhcRQbCYkV+wmq8Puzw/+xA9EJrrodnJPPsE6E8HnSVLF6Ys9+cJMJ7HuwOI+wYt3gkmspsir1tccmf4x1PP+yHJWdcXyetlFRcmZ8gspjqOR2jb89xSQsh8gcyDW6rPNlSTzYZ2FmNtjES6ZhCsYL31fQbF2QglidlLGpAlvHUUS+xCigW73cvhFPMWXcfO51Mr15RcgYTckY+7QZ2nYqplRBoDlQl6DnAgMBAAGjUzBRMB0GA1UdDgQWBBTPG99XVRdxpOXMZo3Nhy+ldnf13TAfBgNVHSMEGDAWgBTPG99XVRdxpOXMZo3Nhy+ldnf13TAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAjWTcnIl2mpNbfHAN8DB4Kk+RNRmhsH0y+r/47MXVTMMMToCfofeNY3Jeohu+2lIXMPQfTvXUbDTkNAGsGLv6LtQEUfSREqgk1eY7bT9BFfpH1uV2ZFhCO9jBA+E4bf55Kx7bgUNG31ykBshOsOblOJM1lS/0q4TWHAxrsU2PNwPi8X0ten+eGeB8aRshxS17Ij2cH0fdAMmSA+jMAvTIZl853Bxe0HuozauKwOFWL4qHm61c4O/j1mQCLqJKYfJ9mBDWFQLszd/tF+ePKiNhZCQly60F8Lumn2CDZj5UIkl8wk9Wls5n1BIQs+M8AN65NAdv7+js8jKUKCuyji8r3

playbooks/host/host-present-with-managedby_host.yml

@@ -5,7 +5,7 @@
 
   tasks:
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.exmaple.com
       managedby_host: server.exmaple.com
       force: yes

playbooks/host/host-present-with-principal.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Host host01.example.com present with principals host/testhost01.example.com and host/myhost01.example.com
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.example.com
       principal:
       - host/testhost01.example.com

playbooks/host/host-present-with-randompassword.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Host host01.example.com present with random password
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.example.com
       random: yes
       force: yes

playbooks/host/host-present-with-several-ip-addresses.yml

@@ -1,24 +0,0 @@
----
-- name: Host present with several IP addresses
-  hosts: ipaserver
-  become: true
-
-  tasks:
-  - name: Ensure host is present
-    ipahost:
-      ipaadmin_password: SomeADMINpassword
-      name: host01.example.com
-      description: Example host
-      ip_address:
-      - 192.168.0.123
-      - fe80::20c:29ff:fe02:a1b3
-      - 192.168.0.124
-      - fe80::20c:29ff:fe02:a1b4
-      locality: Lab
-      ns_host_location: Lab
-      ns_os_version: CentOS 7
-      ns_hardware_platform: Lenovo T61
-      mac_address:
-      - "08:00:27:E3:B1:2D"
-      - "52:54:00:BD:97:1E"
-      state: present

playbooks/host/host-present.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Ensure host is present
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: host01.example.com
       description: Example host
       ip_address: 192.168.0.123

playbooks/host/hosts-member-certificate-absent.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Hosts host01.example.com and host01.exmaple.com member certificate absent
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       hosts:
       - name: host01.example.com
         certificate:

playbooks/host/hosts-member-certificate-present.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Hosts host01.example.com and host01.exmaple.com member certificate present
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       hosts:
       - name: host01.example.com
         certificate:

playbooks/host/hosts-member-managedby_host-absent.yml

@@ -5,7 +5,7 @@
 
   tasks:
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       hosts:
       - name: host01.exmaple.com
         managedby_host: server.exmaple.com

playbooks/host/hosts-member-managedby_host-present.yml

@@ -5,7 +5,7 @@
 
   tasks:
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       hosts:
       - name: host01.exmaple.com
         managedby_host: server.exmaple.com

playbooks/host/hosts-member-principal-absent.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Hosts host01.exmaple.com and host02.exmaple.com member principals host/testhost0X.exmaple.com absent
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       hosts:
       - name: host01.exmaple.com
         principal:

playbooks/host/hosts-member-principal-present.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Hosts host01.exmaple.com and host02.exmaple.com member principals host/testhost0X.exmaple.com present
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       hosts:
       - name: host01.exmaple.com
         principal:

playbooks/host/hosts-present-with-certificate.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Hosts host01.example.com and host01.exmaple.com present with certificate
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       hosts:
       - name: host01.example.com
         certificate:

playbooks/host/hosts-present-with-managedby_host.yml

@@ -5,7 +5,7 @@
 
   tasks:
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       hosts:
       - name: host01.exmaple.com
         managedby_host: server.exmaple.com

playbooks/host/hosts-present-with-randompasswords.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Hosts host01.example.com and host01.example.com present with random passwords
     ipahost:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       hosts:
       - name: host01.example.com
         random: yes

playbooks/hostgroup/ensure-hostgroup-is-absent.yml

@@ -6,6 +6,6 @@
   tasks:
   # Ensure host-group databases is present
   - ipahostgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: databases
       state: absent

playbooks/hostgroup/ensure-hostgroup-is-present.yml

@@ -6,7 +6,7 @@
   tasks:
   # Ensure host-group databases is present
   - ipahostgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: databases
       host:
       - db.example.com

playbooks/hostgroup/ensure-hosts-and-hostgroups-are-absent-in-hostgroup.yml

@@ -6,7 +6,7 @@
   tasks:
   # Ensure hosts and hostgroups are present in existing databases hostgroup
   - ipahostgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: databases
       host:
       - db.example.com

playbooks/hostgroup/ensure-hosts-and-hostgroups-are-present-in-hostgroup.yml

@@ -6,7 +6,7 @@
   tasks:
   # Ensure hosts and hostgroups are present in existing databases hostgroup
   - ipahostgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: databases
       host:
       - db.example.com

playbooks/service/service-host-is-absent.yml

@@ -1,14 +0,0 @@
----
-- name: Playbook to manage IPA service.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure management host is absent.
-  - ipaservice:
-      ipaadmin_password: MyPassword123
-      name: HTTP/www.example.com
-      host: "{{ groups.ipaserver[0] }}"
-      action: member
-      state: absent

playbooks/service/service-host-is-present.yml

@@ -1,13 +0,0 @@
----
-- name: Playbook to manage IPA service.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure management host is present.
-  - ipaservice:
-      ipaadmin_password: MyPassword123
-      name: HTTP/www.example.com
-      host: "{{ groups.ipaserver[0] }}"
-      action: member

playbooks/service/service-is-absent.yml

@@ -1,12 +0,0 @@
----
-- name: Playbook to manage IPA service.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure service is absent
-  - ipaservice:
-      ipaadmin_password: MyPassword123
-      name: HTTP/www.example.com
-      state: absent

playbooks/service/service-is-disabled.yml

@@ -1,12 +0,0 @@
----
-- name: Playbook to disable IPA service.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure service is disabled
-  - ipaservice:
-      ipaadmin_password: MyPassword123
-      name: HTTP/www.example.com
-      state: disabled

playbooks/service/service-is-present-with-all-attributes.yml

@@ -1,23 +0,0 @@
----
-- name: Playbook to manage IPA service.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure service is present
-  - ipaservice:
-      ipaadmin_password: MyPassword123
-      name: HTTP/www.example.com
-      certificate:
-        - MIICBjCCAW8CFHnm32VcXaUDGfEGdDL/erPSijUAMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQwHhcNMjAwMTIzMDA1NjQ2WhcNMjEwMTIyMDA1NjQ2WjBCMQswCQYDVQQGEwJYWDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZhdWx0IENvbXBhbnkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYrdVmsr7iT3f67DM5bb1osSEe5/c91UUMEIcFq5wrgBhzVfs8iIMDVC1yiUGTsDLJNJc4nb1tUxeR9K5fh25E6n/eWDBP75NStotjAXRU4Ahi3FNRhWFOKesds5xNqgDk5/dY8UekJv2yUblQuZzeF8b2XFrmHuCaYuFctzPfWwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBACF+5RS8Ce0HRixGPu4Xd51i+Kzblg++lx8fDJ8GW5G16/Z1AsB72Hc7etJL2PksHlue/xCq6SA9fIfHc4TBNCiWjPSP1NhHJeYyoPiSkcYsqXuxWyoyRLbnAhBVvhoiqZbUt3u3tGB0uMMA0yJvj07mP7Nea2KdBYVH8X1pM0V+
-      pac_type:
-        - MS-PAC
-        - PAD
-      auth_ind: otp
-      force: no
-      requires_pre_auth: yes
-      ok_as_delegate: no
-      ok_to_auth_as_delegate: no
-      action: service
-      state: present

playbooks/service/service-is-present-with-host-force.yml

@@ -1,13 +0,0 @@
----
-- name: Playbook to manage IPA service.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure service is present
-  - ipaservice:
-      ipaadmin_password: MyPassword123
-      name: HTTP/ihavenodns.info
-      force: yes
-      # state: absent

playbooks/service/service-is-present-without-host-object.yml

@@ -1,12 +0,0 @@
----
-- name: Playbook to manage IPA service.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure service is present
-  - ipaservice:
-      ipaadmin_password: MyPassword123
-      name: HTTP/www.ansible.com
-      skip_host_check: yes

playbooks/service/service-is-present.yml

@@ -1,11 +0,0 @@
----
-- name: Playbook to manage IPA service.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure service is present
-  - ipaservice:
-      ipaadmin_password: MyPassword123
-      name: HTTP/www.example.com

playbooks/service/service-member-allow_create_keytab-absent.yml

@@ -1,24 +0,0 @@
----
-- name: Service member allow_create_keytab absent
-  hosts: ipaserver
-  become: true
-
-  tasks:
-  - name: Service HTTP/www.example.com members allow_create_keytab absent for users, groups, hosts and hostgroups
-    ipaservice:
-      ipaadmin_password: MyPassword123
-      name: HTTP/www.example.com
-      allow_create_keytab_user:
-      - user01
-      - user02
-      allow_create_keytab_group:
-      - group01
-      - group02
-      allow_create_keytab_host:
-      - host01.example.com
-      - host02.example.com
-      allow_create_keytab_hostgroup:
-      - hostgroup01
-      - hostgroup02
-      action: member
-      state: absent

playbooks/service/service-member-allow_create_keytab-present.yml

@@ -1,23 +0,0 @@
----
-- name: Service member allow_create_keytab present
-  hosts: ipaserver
-  become: true
-
-  tasks:
-  - name: Service HTTP/www.example.com members allow_create_keytab present for users, groups, hosts and hostgroups
-    ipaservice:
-      ipaadmin_password: MyPassword123
-      name: HTTP/www.example.com
-      allow_create_keytab_user:
-      - user01
-      - user02
-      allow_create_keytab_group:
-      - group01
-      - group02
-      allow_create_keytab_host:
-      - host01.example.com
-      - host02.example.com
-      allow_create_keytab_hostgroup:
-      - hostgroup01
-      - hostgroup02
-      action: member

playbooks/service/service-member-allow_retrieve_keytab-absent.yml

@@ -1,24 +0,0 @@
----
-- name: Service member allow_retrieve_keytab absent
-  hosts: ipaserver
-  become: true
-
-  tasks:
-  - name: Service HTTP/www.example.com members allow_retrieve_keytab absent for users, groups, hosts and hostgroups
-    ipaservice:
-      ipaadmin_password: MyPassword123
-      name: HTTP/www.example.com
-      allow_retrieve_keytab_user:
-      - user01
-      - user02
-      allow_retrieve_keytab_group:
-      - group01
-      - group02
-      allow_retrieve_keytab_host:
-      - host01.example.com
-      - host02.example.com
-      allow_retrieve_keytab_hostgroup:
-      - hostgroup01
-      - hostgroup02
-      action: member
-      state: absent

playbooks/service/service-member-allow_retrieve_keytab-present.yml

@@ -1,23 +0,0 @@
----
-- name: Service member allow_retrieve_keytab present
-  hosts: ipaserver
-  become: true
-
-  tasks:
-  - name: Service HTTP/www.example.com members allow_retrieve_keytab present for users, groups, hosts and hostgroups
-    ipaservice:
-      ipaadmin_password: MyPassword123
-      name: HTTP/www.example.com
-      allow_retrieve_keytab_user:
-      - user01
-      - user02
-      allow_retrieve_keytab_group:
-      - group01
-      - group02
-      allow_retrieve_keytab_host:
-      - host01.example.com
-      - host02.example.com
-      allow_retrieve_keytab_hostgroup:
-      - hostgroup01
-      - hostgroup02
-      action: member

playbooks/service/service-member-certificate-absent.yml

@@ -1,16 +0,0 @@
----
-- name: Service certificate absent.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure service certificate is absent
-  - ipaservice:
-      ipaadmin_password: MyPassword123
-      name: HTTP/www.example.com
-
-      certificate:
-        - MIICBjCCAW8CFHnm32VcXaUDGfEGdDL/erPSijUAMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQwHhcNMjAwMTIzMDA1NjQ2WhcNMjEwMTIyMDA1NjQ2WjBCMQswCQYDVQQGEwJYWDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZhdWx0IENvbXBhbnkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYrdVmsr7iT3f67DM5bb1osSEe5/c91UUMEIcFq5wrgBhzVfs8iIMDVC1yiUGTsDLJNJc4nb1tUxeR9K5fh25E6n/eWDBP75NStotjAXRU4Ahi3FNRhWFOKesds5xNqgDk5/dY8UekJv2yUblQuZzeF8b2XFrmHuCaYuFctzPfWwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBACF+5RS8Ce0HRixGPu4Xd51i+Kzblg++lx8fDJ8GW5G16/Z1AsB72Hc7etJL2PksHlue/xCq6SA9fIfHc4TBNCiWjPSP1NhHJeYyoPiSkcYsqXuxWyoyRLbnAhBVvhoiqZbUt3u3tGB0uMMA0yJvj07mP7Nea2KdBYVH8X1pM0V+
-      action: member
-      state: absent

playbooks/service/service-member-certificate-present.yml

@@ -1,15 +0,0 @@
----
-- name: Service certificate present.
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure service certificate is present
-  - ipaservice:
-      ipaadmin_password: MyPassword123
-      name: HTTP/www.example.com
-      certificate:
-        - MIICBjCCAW8CFHnm32VcXaUDGfEGdDL/erPSijUAMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQwHhcNMjAwMTIzMDA1NjQ2WhcNMjEwMTIyMDA1NjQ2WjBCMQswCQYDVQQGEwJYWDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZhdWx0IENvbXBhbnkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYrdVmsr7iT3f67DM5bb1osSEe5/c91UUMEIcFq5wrgBhzVfs8iIMDVC1yiUGTsDLJNJc4nb1tUxeR9K5fh25E6n/eWDBP75NStotjAXRU4Ahi3FNRhWFOKesds5xNqgDk5/dY8UekJv2yUblQuZzeF8b2XFrmHuCaYuFctzPfWwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBACF+5RS8Ce0HRixGPu4Xd51i+Kzblg++lx8fDJ8GW5G16/Z1AsB72Hc7etJL2PksHlue/xCq6SA9fIfHc4TBNCiWjPSP1NhHJeYyoPiSkcYsqXuxWyoyRLbnAhBVvhoiqZbUt3u3tGB0uMMA0yJvj07mP7Nea2KdBYVH8X1pM0V+
-      action: member
-      state: present

playbooks/service/service-member-principal-absent.yml

@@ -1,14 +0,0 @@
----
-- name: Service member principal absent
-  hosts: ipaserver
-  become: true
-
-  tasks:
-  - name: Service HTTP/www.exmaple.com member principals host/test.exmaple.com absent
-    ipaservice:
-      ipaadmin_password: MyPassword123
-      name: HTTP/www.example.com
-      principal:
-        - host/test.exmaple.com
-      action: member
-      state: absent

playbooks/service/service-member-principal-present.yml

@@ -1,13 +0,0 @@
----
-- name: Service member principal present
-  hosts: ipaserver
-  become: true
-
-  tasks:
-  - name: Service HTTP/www.exmaple.com member principals host/test.exmaple.com present
-    ipaservice:
-      ipaadmin_password: MyPassword123
-      name: HTTP/www.example.com
-      principal:
-        - host/test.exmaple.com
-      action: member

playbooks/sudocmd/ensure-sudocmd-is-absent.yml

@@ -6,6 +6,6 @@
   tasks:
   # Ensure sudo command is absent
   - ipasudocmd:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: /usr/bin/su
       state: absent

playbooks/sudocmd/ensure-sudocmd-is-present.yml

@@ -6,6 +6,6 @@
   tasks:
   # Ensure sudo command is present
   - ipasudocmd:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: /usr/bin/su
       state: present

playbooks/sudocmdgroup/ensure-sudocmd-are-absent-in-sudocmdgroup.yml

@@ -6,7 +6,7 @@
   tasks:
   # Ensure sudocmds are absent in sudocmdgroup
   - ipasudocmdgroup:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: network
       sudocmd:
       - /usr/sbin/ifconfig

playbooks/sudocmdgroup/ensure-sudocmd-are-present-in-sudocmdgroup.yml

@@ -6,7 +6,7 @@
   tasks:
   # Ensure sudo commands are present
   - ipasudocmd:
-     ipaadmin_password: SomeADMINpassword
+     ipaadmin_password: MyPassword123
      name:
      - /usr/sbin/ifconfig
      - /usr/sbin/iwlist
@@ -14,7 +14,7 @@
 
   # Ensure sudo commands are present in existing sudocmdgroup
   - ipasudocmdgroup:
-     ipaadmin_password: SomeADMINpassword
+     ipaadmin_password: MyPassword123
      name: network
      sudocmd:
      - /usr/sbin/ifconfig

playbooks/sudorule/ensure-sudorule-does-not-have-sudooption.yml

@@ -1,14 +0,0 @@
----
-- name: Tests
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure sudooption is absent in sudorule
-  - ipasudorule:
-      ipaadmin_password: SomeADMINpassword
-      name: testrule1
-      sudooption: "!root"
-      action: member
-      state: absent

playbooks/sudorule/ensure-sudorule-has-sudooption.yml

@@ -1,13 +0,0 @@
----
-- name: Tests
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure sudooption is present in sudorule
-  - ipasudorule:
-      ipaadmin_password: SomeADMINpassword
-      name: testrule1
-      sudooption: "!root"
-      action: member

playbooks/sudorule/ensure-sudorule-host-member-is-absent.yml

@@ -7,7 +7,7 @@
   tasks:
   # Ensure host server is absent in Sudo Rule
   - ipasudorule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: testrule1
       host: server
       action: member

playbooks/sudorule/ensure-sudorule-host-member-is-present.yml

@@ -7,7 +7,7 @@
   tasks:
   # Ensure host server is present in Sudo Rule
   - ipasudorule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: testrule1
       host: server
       action: member

playbooks/sudorule/ensure-sudorule-hostgroup-member-is-absent.yml

@@ -7,7 +7,7 @@
   tasks:
   # Ensure hostgroup cluster is absent in Sudo Rule
   - ipasudorule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: testrule1
       hostgroup: cluster
       action: member

playbooks/sudorule/ensure-sudorule-hostgroup-member-is-present.yml

@@ -7,7 +7,7 @@
   tasks:
   # Ensure hostgrep cluster is present in Sudo Rule
   - ipasudorule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: testrule1
       hostgroup: cluster
       action: member

playbooks/sudorule/ensure-sudorule-is-disabled.yml

@@ -6,6 +6,6 @@
   tasks:
   # Ensure sudorule command is disabled
   - ipasudorule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: testrule1
       state: disabled

playbooks/sudorule/ensure-sudorule-is-enabled.yml

@@ -6,6 +6,6 @@
   tasks:
   # Ensure sudorule command is enabled
   - ipasudorule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: testrule1
       state: enabled

playbooks/sudorule/ensure-sudorule-is-present-with-order.yml

@@ -1,12 +0,0 @@
----
-- name: Tests
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure sudorule is present with the given order.
-  - ipasudorule:
-      ipaadmin_password: SomeADMINpassword
-      name: testrule1
-      order: 2

playbooks/sudorule/ensure-sudorule-is-present.yml

@@ -6,9 +6,7 @@
   tasks:
   # Ensure sudorule command is present
   - ipasudorule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: testrule1
       description: A test sudo rule.
-      allow_sudocmd: /bin/ls
-      deny_sudocmd: /bin/vim
       state: present

playbooks/sudorule/ensure-sudorule-runasuser-is-absent.yml

@@ -1,14 +0,0 @@
----
-- name: Tests
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure sudorule is present with the given order.
-  - ipasudorule:
-      ipaadmin_password: SomeADMINpassword
-      name: testrule1
-      runasuser: admin
-      action: member
-      state: absent

playbooks/sudorule/ensure-sudorule-runasuser-is-present.yml

@@ -1,13 +0,0 @@
----
-- name: Tests
-  hosts: ipaserver
-  become: true
-  gather_facts: false
-
-  tasks:
-  # Ensure sudorule is present with the given order.
-  - ipasudorule:
-      ipaadmin_password: SomeADMINpassword
-      name: testrule1
-      runasuser: admin
-      action: member

playbooks/sudorule/ensure-sudorule-sudocmd-is-absent.yml

@@ -6,15 +6,10 @@
 
   tasks:
   - ipasudorule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: testrule1
-      allow_sudocmd:
+      cmd:
       - /sbin/ifconfig
-      deny_sudocmd:
       - /usr/bin/vim
-      allow_sudocmdgroup:
-      - devops
-      deny_sudocmdgroup:
-      - users
       action: member
       state: absent

playbooks/sudorule/ensure-sudorule-sudocmd-is-present.yml

@@ -6,14 +6,9 @@
 
   tasks:
   - ipasudorule:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       name: testrule1
-      allow_sudocmd:
+      cmd:
       - /sbin/ifconfig
-      deny_sudocmd:
       - /usr/bin/vim
-      allow_sudocmdgroup:
-      - devops
-      deny_sudocmdgroup:
-      - users
       action: member

playbooks/topology/add-topologysegment.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Add topology segment
     ipatopologysegment:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       suffix: domain
       left: ipareplica1.test.local
       right: ipareplica2.test.local

playbooks/topology/delete-topologysegment.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Delete topology segment
     ipatopologysegment:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       suffix: domain
       left: ipareplica1.test.local
       right: ipareplica2.test.local

playbooks/topology/reinitialize-topologysegment.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Reinitialize topology segment
     ipatopologysegment:
-      ipaadmin_password: SomeADMINpassword
+      ipaadmin_password: MyPassword123
       suffix: domain
       left: ipareplica1.test.local
       right: ipareplica2.test.local