tests/azure: Deactivate NTP in prepare-build

In CentOS 8 and also Fedora the configuration and start of chrony fails with Fatal error : adjtimex(0x8001) failed : Operation not permitted For more information: https://bugzilla.redhat.com/show_bug.cgi?id=1772053 NTP will not be needed before a separate namespace is used for clocks.
tests/azure: Set ANSIBLE_LIBRARY to fix unknown interpreter issue
2026-03-27 13:53:06 +00:00 · 2021-05-03 13:28:25 +02:00 · 2021-04-30 16:29:53 +02:00
441 changed files with 6266 additions and 11407 deletions
--- a/.ansible-lint
+++ b/.ansible-lint
@@ -1,29 +1,22 @@
---
 exclude_paths:
-  - .ansible-freeipa-tests/
-  - .cache/
-  - .github/
-  - .pre-commit-config.yaml
-  - .tox/
-  - .venv/
-  - .yamllint
-  - molecule/
-  - tests/azure/
-  - meta/runtime.yml
-
-kinds:
-  - playbook: '**/tests/**/test_*.yml'
-  - playbook: '**/playbooks/**/*.yml'
+  - roles
+  - .tox
+  - .venv

 parseable: true

 quiet: false

 skip_list:
+  - '201'  # Trailing whitespace
+  - '204'  # Lines should be no longer than 160 chars
+  - '206'  # Variables should have spaces before and after: {{ var_name }}'
+  - '208'  # File permissions not mentioned
  - '301'  # Commands should not change things if nothing needs doing'
-  - '305'  # Use shell only when shell functionality is required
-  - '306'  # risky-shell-pipe
-  - yaml   # yamllint should be executed separately.
+  - '305'  # Use shell only when shell functionality is required'
+  - '306'  # Shells that use pipes should set the pipefail option'
+  - '502'  # All tasks should be named
+  - '505'  # Referenced missing file

 use_default_rules: true

--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@@ -4,8 +4,8 @@ on:
  - push
  - pull_request
 jobs:
-  check_docs_29:
-    name: Check Ansible Documentation with Ansible 2.9.
+  check_docs:
+    name: Check Ansible Documentation.
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
@@ -13,32 +13,4 @@ jobs:
        with:
          python-version: '3.x'
      - name: Run ansible-doc-test
-        run: |
-          python -m pip install "ansible < 2.10"
-          ANSIBLE_LIBRARY="." ANSIBLE_DOC_FRAGMENT_PLUGINS="." python utils/ansible-doc-test -v roles plugins
-
-  check_docs_2_11:
-    name: Check Ansible Documentation with ansible-core 2.11.
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-python@v2
-        with:
-          python-version: '3.x'
-      - name: Run ansible-doc-test
-        run: |
-          python -m pip install "ansible-core >=2.11,<2.12"
-          ANSIBLE_LIBRARY="." ANSIBLE_DOC_FRAGMENT_PLUGINS="." python utils/ansible-doc-test -v roles plugins
-
-  check_docs_latest:
-    name: Check Ansible Documentation with latest Ansible version.
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-python@v2
-        with:
-          python-version: '3.x'
-      - name: Run ansible-doc-test
-        run: |
-          python -m pip install ansible
-          ANSIBLE_LIBRARY="." ANSIBLE_DOC_FRAGMENT_PLUGINS="." python utils/ansible-doc-test -v roles plugins
+        run: ANSIBLE_LIBRARY="." python utils/ansible-doc-test roles plugins
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -4,14 +4,15 @@ on:
  - push
  - pull_request
 jobs:
-  ansible_lint:
-    name: Verify ansible-lint
+  linters:
+    name: Run Linters
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-python@v2
        with:
-          python-version: "3.x"
+          python-version: "3.6"
+
      - name: Run ansible-lint
        uses: ansible/ansible-lint-action@master
        with:
@@ -21,58 +22,12 @@ jobs:
            tests/*/*/*.yml
            playbooks/*.yml
            playbooks/*/*.yml
-            roles/*/*/*.yml
        env:
          ANSIBLE_MODULE_UTILS: plugins/module_utils
          ANSIBLE_LIBRARY: plugins/modules
-          ANSIBLE_DOC_FRAGMENT_PLUGINS: plugins/doc_fragments

-  yamllint:
-    name: Verify yamllint
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-python@v2
-        with:
-          python-version: "3.x"
      - name: Run yaml-lint
        uses: ibiqlik/action-yamllint@v1

-  pydocstyle:
-    name: Verify pydocstyle
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-python@v2
-        with:
-          python-version: "3.x"
-      - name: Run pydocstyle
-        run: |
-            pip install pydocstyle
-            pydocstyle
-
-  flake8:
-    name: Verify flake8
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-python@v2
-        with:
-          python-version: "3.x"
-      - name: Run flake8
-        run: |
-            pip install flake8
-            flake8
-
-  pylint:
-    name: Verify pylint
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-python@v2
-        with:
-          python-version: "3.x"
-      - name: Run pylint
-        run: |
-            pip install pylint==2.10.2
-            pylint plugins --disable=import-error
+      - name: Run Python linters
+        uses: rjeffman/python-lint-action@v2
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,40 +1,31 @@
 ---
 repos:
 - repo: https://github.com/ansible/ansible-lint.git
-  rev: v5.1.2
+  rev: v4.3.5
  hooks:
  - id: ansible-lint
    always_run: false
    pass_filenames: true
    files: \.(yaml|yml)$
-    exclude: /env[^/]*.(yaml|yml)$
-    entry: |
-        env ANSIBLE_LIBRARY=./plugins/modules ANSIBLE_MODULE_UTILS=./plugins/module_utils ANSIBLE_DOC_FRAGMENT_PLUGINS=./plugins/doc_fragments ansible-lint
+    entry: env ANSIBLE_LIBRARY=./plugins/modules ANSIBLE_MODULE_UTILS=./plugins/module_utils ansible-lint --force-color
 - repo: https://github.com/adrienverge/yamllint.git
-  rev: v1.26.1
+  rev: v1.25.0
  hooks:
  - id: yamllint
    files: \.(yaml|yml)$
 - repo: https://gitlab.com/pycqa/flake8
-  rev: 3.9.2
+  rev: 3.8.4
  hooks:
  - id: flake8
 - repo: https://gitlab.com/pycqa/pydocstyle
-  rev: 6.1.1
+  rev: 5.1.1
  hooks:
  - id: pydocstyle
- repo: https://github.com/pycqa/pylint
-  rev: v2.10.2
-  hooks:
-  - id: pylint
-    args:
-    - --disable=import-error
-    files: \.py$
 - repo: local
  hooks:
  - id: ansible-doc-test
    name: Verify Ansible roles and module documentation.
-    language: python
+    language: script
    entry: utils/ansible-doc-test
    # args: ['-v', 'roles', 'plugins']
    files: ^.*.py$
--- a/.yamllint
+++ b/.yamllint
@@ -16,8 +16,13 @@ rules:
  truthy:
    allowed-values: ["yes", "no", "true", "false", "True", "False"]
    level: error
-  line-length:
-    max: 160
  # Disabled rules
+  document-start: disable
  indentation: disable
+  line-length: disable
+  colons: disable
+  empty-lines: disable
  comments: disable
+  comments-indentation: disable
+  trailing-spaces: disable
+  new-line-at-end-of-file: disable
--- a/README-automember.md
+++ b/README-automember.md
@@ -1,139 +0,0 @@
-Automember module
-===========
-
-Description
-----------
-
-The automember module allows to ensure presence or absence of automember rules and manage automember rule conditions.
-
-Features
--------
-
-* Automember management
-
-
-Supported FreeIPA Versions
--------------------------
-
-FreeIPA versions 4.4.0 and up are supported by the ipaautomember module.
-
-
-Requirements
------------
-
-**Controller**
-* Ansible version: 2.8+
-
-**Node**
-* Supported FreeIPA version (see above)
-
-
-Usage
-=====
-
-Example inventory file
-
-```ini
-[ipaserver]
-ipaserver.test.local
-```
-
-Example playbook to make sure group automember rule is present with no conditions.
-
-```yaml
---
- name: Playbook to ensure a group automember rule is present with no conditions
-  hosts: ipaserver
-  become: yes
-  gather_facts: no
-  tasks:
-    - ipaautomember:
-        ipaadmin_password: SomeADMINpassword
-        name: admins
-        description: "my automember rule"
-        automember_type: group
-```
-
-Example playbook to make sure group automember rule is present with conditions:
-
-```yaml
---
- name: Playbook to add a group automember rule with two conditions
-  hosts: ipaserver
-  become: yes
-  gather_facts: no
-  tasks:
-  - ipaautomember:
-      ipaadmin_password: SomeADMINpassword
-      name: admins
-      description: "my automember rule"
-      automember_type: group
-      inclusive:
-        - key: mail
-          expression: '@example.com$'
-      exclusive:
-        - key: uid
-          expression: "1234"
-```
-
-Example playbook to delete a group automember rule:
-
-```yaml
- name: Playbook to delete a group automember rule
-  hosts: ipaserver
-  become: yes
-  gather_facts: no
-  tasks:
-    - ipaautomember:
-        ipaadmin_password: SomeADMINpassword
-        name: admins
-        description: "my automember rule"
-        automember_type: group
-        state: absent
-```
-
-Example playbook to add an inclusive condition to an existing rule
-
-```yaml
- name: Playbook to add an inclusive condition to an existing rule
-  hosts: ipaserver
-  become: yes
-  gather_facts: no
-  tasks:
-    - ipaautomember:
-        ipaadmin_password: SomeADMINpassword
-        name: "My domain hosts"
-        description: "my automember condition"
-        automember_tye: hostgroup
-        action: member
-        inclusive:
-          - key: fqdn
-            expression: ".*.mydomain.com"
-```
-
-
-Variables
---------
-
-ipaautomember
-------
-
-Variable | Description | Required
-------- | ----------- | --------
-`ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
-`ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
-`name` \| `cn` | Automember rule. | yes
-`description` | A description of this auto member rule. | no
-`automember_type` | Grouping to which the rule applies. It can be one of `group`, `hostgroup`. | yes
-`inclusive` | List of dictionaries in the format of `{'key': attribute, 'expression': inclusive_regex}` | no
-`exclusive` | List of dictionaries in the format of `{'key': attribute, 'expression': exclusive_regex}` | no
-`action` | Work on automember or member level. It can be one of `member` or `automember` and defaults to `automember`. | no
-`state` | The state to ensure. It can be one of `present`, `absent`, default: `present`. | no
-
-
-Authors
-=======
-
-Mark Hahl
--- a/README-automountlocation.md
+++ b/README-automountlocation.md
@@ -1,116 +0,0 @@
-Automountlocation module
-=====================
-
-Description
-----------
-
-The automountlocation module allows the addition and removal of locations for automount maps
-
-It is desgined to follow the IPA api as closely as possible while ensuring ease of use.
-
-
-Features
--------
-* Automount location management
-
-Supported FreeIPA Versions
--------------------------
-
-FreeIPA versions 4.4.0 and up are supported by the ipaautomountlocation module.
-
-Requirements
------------
-**Controller**
-* Ansible version: 2.8+
-
-**Node**
-* Supported FreeIPA version (see above)
-
-
-Usage
-=====
-
-Example inventory file
-
-```ini
-[ipaserver]
-ipaserver.test.local
-```
-
-
-Example playbook to ensure presence of an automount location:
-
-```yaml
---
- name: Playbook to add an automount location
-  hosts: ipaserver
-  become: true
-
-  tasks:
-  - name: ensure a automount location named DMZ exists
-    ipaautomountlocation:
-      ipaadmin_password: SomeADMINpassword
-      name: DMZ
-      state: present
-
-```
-
-Example playbook to ensure presence of multiple automount locations:
-
-```yaml
---
- name: Playbook to add an automount location
-  hosts: ipaserver
-  become: true
-
-  tasks:
-  - name: ensure a automount location named DMZ exists
-    ipaautomountlocation:
-      ipaadmin_password: SomeADMINpassword
-      name:
-        - DMZ
-        - PROD
-        - development
-        - test
-      state: present
-```
-
-
-Example playbook to ensure absence of an automount location:
-
-```yaml
---
- name: Playbook to ensure an automount location is absent
-  hosts: ipaserver
-  become: true
-
-  tasks:
-  - name: ensure automount locations LOCATION1 and LOCATION2 do not exist
-    ipaautomountlocation:
-      ipaadmin_password: SomeADMINpassword
-      name:
-        - LOCATION1
-        - LOCATION2
-      state: absent
-```
-
-Variables
-=========
-
-ipaautomountlocation
-------
-
-Variable | Description | Required
-------- | ----------- | --------
-`ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
-`ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
-`name` \| `cn` \| `location` | List of one or more automountlocation names. | yes
-`state` | The state to ensure. It can be one of `present`, or `absent`, default: `present`. | no
-
-
-Authors
-=======
-
-Chris Procter
--- a/README-config.md
+++ b/README-config.md
@@ -56,7 +56,7 @@ Example playbook to read config options:
      register: result
    - name: display default login shell
      debug:
-        msg: '{{ result.config.defaultlogin }}'
+        msg: '{{result.config.defaultlogin }}'

    - name: ensure defaultloginshell and maxusernamelength are set as required
      ipaconfig:
@@ -91,8 +91,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `maxusername` \| `ipamaxusernamelength` |  Set the maximum username length (1 to 255) | no
 `maxhostname` \| `ipamaxhostnamelength` |  Set the maximum hostname length between 64-255. Only usable with IPA versions 4.8.0 and up. | no
 `homedirectory` \| `ipahomesrootdir` |  Set the default location of home directories | no
--- a/README-delegation.md
+++ b/README-delegation.md
@@ -142,8 +142,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `aciname` | The list of delegation name strings. | yes
 `permission` \| `permissions` |  The permission to grant `read`, `read,write`, `write`]. Default is `write`. | no
 `attribute` \| `attrs` | The attribute list to which the delegation applies. | no
--- a/README-dnsconfig.md
+++ b/README-dnsconfig.md
@@ -126,8 +126,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `forwarders` | The list of forwarders dicts. Each `forwarders` dict entry has:| no
 &nbsp; | `ip_address` - The IPv4 or IPv6 address of the DNS server. | yes
 &nbsp; | `port` - The custom port that should be used on this server. | no
--- a/README-dnsforwardzone.md
+++ b/README-dnsforwardzone.md
@@ -107,8 +107,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `cn` | Zone name (FQDN). | yes if `state` == `present`
 `forwarders` \| `idnsforwarders` |  Per-zone forwarders. A custom port can be specified for each forwarder. Options | no
 &nbsp; | `ip_address`: The forwarder IP address. | yes
--- a/README-dnsrecord.md
+++ b/README-dnsrecord.md
@@ -249,8 +249,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `zone_name` \| `dnszone` | The DNS zone name to which DNS record needs to be managed. You can use one global zone name for multiple records. | no
  required: true
 `records` | The list of dns records dicts. Each `records` dict entry can contain **record variables**. | no
--- a/README-dnszone.md
+++ b/README-dnszone.md
@@ -84,6 +84,7 @@ Example playbook to create a DNS zone with all currently supported variables:
        - ip_address: 8.8.8.8
        - ip_address: 8.8.4.4
          port: 52
+      serial: 1234
      refresh: 3600
      retry: 900
      expire: 1209600
@@ -202,8 +203,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `zone_name` | The zone name string or list of strings. | no
 `name_from_ip` | Derive zone name from reverse of IP (PTR). Can only be used with `state: present`. | no
 `forwarders` | The list of forwarders dicts. Each `forwarders` dict entry has:| no
@@ -219,6 +218,7 @@ Variable | Description | Required
 `dnssec`| Allow inline DNSSEC signing of records in the zone | no
 `allow_transfer`| List of IP addresses or networks which are allowed to transfer the zone | no
 `allow_query`| List of IP addresses or networks which are allowed to issue queries | no
+`serial`| SOA record serial number | no
 `refresh`| SOA record refresh time | no
 `retry`| SOA record retry time | no
 `expire`| SOA record expire time | no
--- a/README-group.md
+++ b/README-group.md
@@ -154,14 +154,12 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `cn` | The list of group name strings. | no
 `description` | The group description string. | no
 `gid` \| `gidnumber` | The GID integer. | no
-`posix` | Create a non-POSIX group or change a non-POSIX to a posix group. `nonposix`, `posix` and `external` are mutually exclusive. (bool) | no
-`nonposix` | Create as a non-POSIX group. `nonposix`, `posix` and `external` are mutually exclusive. (bool) | no
-`external` | Allow adding external non-IPA members from trusted domains. `nonposix`, `posix` and `external` are mutually exclusive. (bool) | no
+`posix` | Create a non-POSIX group or change a non-POSIX to a posix group. (bool) | no
+`nonposix` | Create as a non-POSIX group. (bool) | no
+`external` | Allow adding external non-IPA members from trusted domains. (bool) | no
 `nomembers` | Suppress processing of membership attributes. (bool) | no
 `user` | List of user name strings assigned to this group. | no
 `group` | List of group name strings assigned to this group. | no
--- a/README-hbacrule.md
+++ b/README-hbacrule.md
@@ -136,8 +136,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `cn` | The list of hbacrule name strings. | yes
 `description` | The hbacrule description string. | no
 `usercategory` \| `usercat` | User category the rule applies to. Choices: ["all", ""] | no
--- a/README-hbacsvc.md
+++ b/README-hbacsvc.md
@@ -98,8 +98,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `cn` \| `service` | The list of hbacsvc name strings. | no
 `description` | The hbacsvc description string. | no
 `state` | The state to ensure. It can be one of `present` or `absent`, default: `present`. | no
--- a/README-hbacsvcgroup.md
+++ b/README-hbacsvcgroup.md
@@ -136,8 +136,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `cn` | The list of hbacsvcgroup name strings. | no
 `description` | The hbacsvcgroup description string. | no
 `nomembers` | Suppress processing of membership attributes. (bool) | no
--- a/README-host.md
+++ b/README-host.md
@@ -266,10 +266,10 @@ Example playbook to ensure presence of member managedby_host for serveral hosts:
    ipahost:
      ipaadmin_password: SomeADMINpassword
      hosts:
-      - name: host01.example.com
-        managedby_host: server.example.com
-      - name: host02.example.com
-        managedby_host: server.example.com
+      - name: host01.exmaple.com
+        managedby_host: server.exmaple.com
+      - name: host02.exmaple.com
+        managedby_host: server.exmaple.com
      action: member
 ```

@@ -320,8 +320,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `fqdn` | The list of host name strings. `name` with *host variables* or `hosts` containing *host variables* need to be used. | no
 **Host variables** | Only used with `name` variable in the first level. | no
 `hosts` | The list of host dicts. Each `hosts` dict entry can contain **host variables**.<br>There is one required option in the `hosts` dict:| no
--- a/README-hostgroup.md
+++ b/README-hostgroup.md
@@ -150,8 +150,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `cn` | The list of hostgroup name strings. | no
 `description` | The hostgroup description string. | no
 `nomembers` | Suppress processing of membership attributes. (bool) | no
--- a/README-location.md
+++ b/README-location.md
@@ -81,8 +81,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `idnsname` | The list of location name strings. | yes
 `description` | The IPA location string | false
 `state` | The state to ensure. It can be one of `present`, `absent`, default: `present`. | no
--- a/README-permission.md
+++ b/README-permission.md
@@ -161,8 +161,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `cn` | The permission name string. | yes
 `right` \| `ipapermright` | Rights to grant. It can be a list of one or more of `read`, `search`, `compare`, `write`, `add`, `delete`, and `all` default: `all` | no
 `attrs` | All attributes to which the permission applies. | no
@@ -177,7 +175,7 @@ Variable | Description | Required
 `targetgroup` | User group to apply permissions to (sets target) | no
 `object_type` | Type of IPA object (sets subtree and objectClass targetfilter) | no
 `no_members` | Suppress processing of membership | no
-`rename` \| `new_name` | Rename the permission object | no
+`rename` | Rename the permission object | no
 `action` | Work on permission or member level. It can be on of `member` or `permission` and defaults to `permission`. | no
 `state` | The state to ensure. It can be one of `present`, `absent`, or `renamed` default: `present`. | no

--- a/README-privilege.md
+++ b/README-privilege.md
@@ -133,8 +133,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin`. | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node. | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `cn` | The list of privilege name strings. | yes
 `description` | Privilege description. | no
 `rename` \| `new_name` | Rename the privilege object. | no
--- a/README-pwpolicy.md
+++ b/README-pwpolicy.md
@@ -98,8 +98,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `cn` | The list of pwpolicy name strings. If name is not given, `global_policy` will be used automatically. | no
 `maxlife` \| `krbmaxpwdlife` | Maximum password lifetime in days. (int) | no
 `minlife` \| `krbminpwdlife` | Minimum password lifetime in hours. (int) | no
--- a/README-role.md
+++ b/README-role.md
@@ -245,11 +245,9 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `cn` | The list of role name strings. | yes
 `description` | A description for the role. | no
-`rename` \| `new_name` | Rename the role object. | no
+`rename` | Rename the role object. | no
 `privilege` | Privileges associated to this role. | no
 `user` | List of users to be assigned or not assigned to the role. | no
 `group` | List of groups to be assigned or not assigned to the role. | no
--- a/README-selfservice.md
+++ b/README-selfservice.md
@@ -138,8 +138,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `aciname` | The list of selfservice name strings. | yes
 `permission` \| `permissions` |  The permission to grant `read`, `read,write`, `write`]. Default is `write`. | no
 `attribute` \| `attrs` | The attribute list to which the selfservice applies. | no
--- a/README-server.md
+++ b/README-server.md
@@ -1,269 +0,0 @@
-Server module
-============
-
-Description
-----------
-
-The server module allows to ensure presence and absence of servers. The module requires an existing server, the deployment of a new server can not be done with the module.
-
-Features
--------
-
-* Server management
-
-
-Supported FreeIPA Versions
--------------------------
-
-FreeIPA versions 4.4.0 and up are supported by the ipaserver module.
-
-
-Requirements
------------
-
-**Controller**
-* Ansible version: 2.8+
-
-**Node**
-* Supported FreeIPA version (see above)
-
-
-Usage
-=====
-
-Example inventory file
-
-```ini
-[ipaserver]
-ipaserver.test.local
-```
-
-
-Example playbook to make sure server "server.example.com" is already present in the topology:
-
-```yaml
---
- name: Playbook to manage IPA server.
-  hosts: ipaserver
-  become: yes
-
-  tasks:
-  - ipaserver:
-      ipaadmin_password: SomeADMINpassword
-      name: server.example.com
-```
-
-This task is not deploying a new server, it is only checking if the server eists. It will therefore fail if the server does not exist.
-
-
-Example playbook to make sure server "server.example.com" has location mylocation:
-
-```yaml
---
- name: Playbook to manage IPA server.
-  hosts: ipaserver
-  become: yes
-
-  tasks:
-  - ipaserver:
-      ipaadmin_password: SomeADMINpassword
-      name: server.example.com
-      location: mylocation
-```
-
-
-Example playbook to make sure server "server.example.com" does not have a location:
-
-```yaml
---
- name: Playbook to manage IPA server.
-  hosts: ipaserver
-  become: yes
-
-  tasks:
-  - ipaserver:
-      ipaadmin_password: SomeADMINpassword
-      name: server.example.com
-      location: ""
-```
-
-
-Example playbook to make sure server "server.example.com" has service weight 1:
-
-```yaml
---
- name: Playbook to manage IPA server.
-  hosts: ipaserver
-  become: yes
-
-  tasks:
-  - ipaserver:
-      ipaadmin_password: SomeADMINpassword
-      name: server.example.com
-      service_weight: 1
-```
-
-
-Example playbook to make sure server "server.example.com" does not have a service weight:
-
-```yaml
---
- name: Playbook to manage IPA server.
-  hosts: ipaserver
-  become: yes
-
-  tasks:
-  - ipaserver:
-      ipaadmin_password: SomeADMINpassword
-      name: server.example.com
-      service_weight: -1
-```
-
-
-Example playbook to make sure server "server.example.com" is hidden:
-
-```yaml
---
- name: Playbook to manage IPA server.
-  hosts: ipaserver
-  become: yes
-
-  tasks:
-  - ipaserver:
-      ipaadmin_password: SomeADMINpassword
-      name: server.example.com
-      hidden: yes
-```
-
-
-Example playbook to make sure server "server.example.com" is not hidden:
-
-```yaml
---
- name: Playbook to manage IPA server.
-  hosts: ipaserver
-  become: yes
-
-  tasks:
-  - ipaserver:
-      ipaadmin_password: SomeADMINpassword
-      name: server.example.com
-      hidden: no
-```
-
-
-Example playbook to make sure server "server.example.com" is absent from the topology:
-
-```yaml
---
- name: Playbook to manage IPA server.
-  hosts: ipaserver
-  become: yes
-
-  tasks:
-  - ipaserver:
-      ipaadmin_password: SomeADMINpassword
-      name: server.example.com
-      state: absent
-```
-
-
-Example playbook to make sure server "server.example.com" is absent from the topology in continuous mode to ignore errors:
-
-```yaml
---
- name: Playbook to manage IPA server.
-  hosts: ipaserver
-  become: yes
-
-  tasks:
-  - ipaserver:
-      ipaadmin_password: SomeADMINpassword
-      name: server.example.com
-      continue: yes
-      state: absent
-```
-
-
-Example playbook to make sure server "server.example.com" is absent from the topology with skipping the last of role check:
-
-```yaml
---
- name: Playbook to manage IPA server.
-  hosts: ipaserver
-  become: yes
-
-  tasks:
-  - ipaserver:
-      ipaadmin_password: SomeADMINpassword
-      name: server.example.com
-      ignore_last_of_role: yes
-      state: absent
-```
-
-
-Example playbook to make sure server "server.example.com" is absent from the topology with skipping the topology disconnect check:
-
-```yaml
---
- name: Playbook to manage IPA server.
-  hosts: ipaserver
-  become: yes
-
-  tasks:
-  - ipaserver:
-      ipaadmin_password: SomeADMINpassword
-      name: server.example.com
-      ignore_topology_disconnect: yes
-      state: absent
-```
-
-
-Example playbook to make sure server "server.example.com" is absent from the domain in force mode even if it does not exist:
-
-```yaml
---
- name: Playbook to manage IPA server.
-  hosts: ipaserver
-  become: yes
-
-  tasks:
-  - ipaserver:
-      ipaadmin_password: SomeADMINpassword
-      name: server.example.com
-      force: yes
-      state: absent
-```
-
-This task will always report a change.
-
-
-
-Variables
---------
-
-ipaserver
-------
-
-Variable | Description | Required
-------- | ----------- | --------
-`ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
-`ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
-`name` \| `cn` | The list of server name strings. | yes
-`location` \| `ipalocation_location` | The server location string. Only in state: present. "" for location reset. | no
-`service_weight` \| `ipaserviceweight` | Weight for server services. Type Values 0 to 65535, -1 for weight reset. Only in state: present. (int) | no
-`hidden` | Set hidden state of a server. Only in state: present. (bool) | no
-`no_members` | Suppress processing of membership attributes. Only in state: present. (bool) | no
-`delete_continue` \| `continue` | Continuous mode: Don't stop on errors. Only in state: absent. (bool) | no
-`ignore_last_of_role` | Skip a check whether the last CA master or DNS server is removed. Only in state: absent. (bool) | no
-`ignore_topology_disconnect` | Ignore topology connectivity problems after removal. Only in state: absent. (bool) | no
-`force` | Force server removal even if it does not exist. Will always result in changed. Only in state: absent. (bool) | no
-`state` | The state to ensure. It can be one of `present`, `absent`, default: `present`. `present` is only working with existing servers. | no
-
-
-Authors
-=======
-
-Thomas Woerner
--- a/README-service.md
+++ b/README-service.md
@@ -291,8 +291,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `service` | The list of service name strings. | yes
 `certificate` \| `usercertificate` | Base-64 encoded service certificate. | no
 `pac_type` \| `ipakrbauthzdata` | Supported PAC type. It can be one of `MS-PAC`, `PAD`, or `NONE`. | no
@@ -313,8 +311,6 @@ Variable | Description | Required
 `allow_retrieve_keytab_host` \| `ipaallowedtoperform_read_keys_host` | Hosts allowed to retrieve a keytab from of host. | no
 `allow_retrieve_keytab_hostgroup` \| `ipaallowedtoperform_read_keys_hostgroup` | Host groups allowed to retrieve a keytab of this host. | no
 `continue` | Continuous mode: don't stop on errors. Valid only if `state` is `absent`. Default: `no` (bool) | no
-`smb` | Service is an SMB service. If set, `cifs/` will be prefixed to the service name if needed. | no
-`netbiosname` | NETBIOS name for the SMB service. Only with `smb: yes`. | no
 `action` | Work on service or member level. It can be on of `member` or `service` and defaults to `service`. | no
 `state` | The state to ensure. It can be one of `present`, `absent`, or `disabled`, default: `present`. | no

--- a/README-sudocmd.md
+++ b/README-sudocmd.md
@@ -67,7 +67,7 @@ Example playbook to make sure sudocmd is absent:

  tasks:
  # Ensure sudocmd are absent
-  - ipasudocmd:
+  - ipahostgroup:
      ipaadmin_password: SomeADMINpassword
      name: /usr/bin/su
      state: absent
@@ -83,8 +83,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `sudocmd` | The sudo command strings. | yes
 `description` | The command description string. | no
 `nomembers` | Suppress processing of membership attributes. (bool) | no
--- a/README-sudocmdgroup.md
+++ b/README-sudocmdgroup.md
@@ -123,8 +123,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `cn` | The list of sudocmdgroup name strings. | no
 `description` | The sudocmdgroup description string. | no
 `nomembers` | Suppress processing of membership attributes. (bool) | no
--- a/README-sudorule.md
+++ b/README-sudorule.md
@@ -120,14 +120,12 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `cn` | The list of sudorule name strings. | yes
 `description` | The sudorule description string. | no
 `usercategory` \| `usercat` | User category the rule applies to. Choices: ["all", ""] | no
 `hostcategory` \| `hostcat` | Host category the rule applies to. Choices: ["all", ""] | no
 `cmdcategory` \| `cmdcat` | Command category the rule applies to. Choices: ["all", ""] | no
-`runasusercategory` \| `runasusercat` | RunAs User category the rule applies to. Choices: ["all", ""] | no
+`runasusercategory` \| `rusasusercat` | RunAs User category the rule applies to. Choices: ["all", ""] | no
 `runasgroupcategory` \| `runasgroupcat` | RunAs Group category the rule applies to. Choices: ["all", ""] | no
 `nomembers` | Suppress processing of membership attributes. (bool) | no
 `host` | List of host name strings assigned to this sudorule. | no
@@ -138,8 +136,8 @@ Variable | Description | Required
 `deny_sudocmd` | List of sudocmd name strings assigned to the deny group of this sudorule. | no
 `allow_sudocmdgroup` | List of sudocmd groups name strings assigned to the allow group of this sudorule. | no
 `deny_sudocmdgroup` | List of sudocmd groups name strings assigned to the deny group of this sudorule. | no
-`sudooption` \| `options` | List of options to the sudorule | no
-`order` \| `sudoorder` | Integer to order the sudorule | no
+`sudooption` \| `option` | List of options to the sudorule | no
+`order` | Integer to order the sudorule | no
 `runasuser` | List of users for Sudo to execute as. | no
 `runasgroup` | List of groups for Sudo to execute as. | no
 `action` | Work on sudorule or member level. It can be on of `member` or `sudorule` and defaults to `sudorule`. | no
--- a/README-topology.md
+++ b/README-topology.md
@@ -159,13 +159,11 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `suffix` | The topology suffix to be used, this can either be `domain`, `ca` or `domain+ca` | yes
 `name` \| `cn` | The topology segment name (cn) is the unique identifier for a segment. | no
 `left` \| `leftnode` | The left replication node string - an IPA server | no
 `right` \| `rightnode` | The right replication node string - an IPA server | no
-`direction` | The direction a segment will be reinitialized. It can either be `left-to-right` or `right-to-left` and only used with `state: reinitialized` | no
+`direction` | The direction a segment will be reinitialized. It can either be `left-to-right` or `right-to-left` and only used with `state: reinitialized` | 
 `state` | The state to ensure. It can be one of `present`, `absent`, `enabled`, `disabled`, `checked` or `reinitialized` | yes


@@ -178,8 +176,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `suffix` | The topology suffix to be used, this can either be `domain` or `ca` | yes
 `state` | The state to ensure. It can only be `verified` | yes

--- a/README-trust.md
+++ b/README-trust.md
@@ -101,8 +101,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `realm` | The realm name string. | yes
 `admin` | Active Directory domain administrator string. | no
 `password` | Active Directory domain administrator's password string. | no
--- a/README-user.md
+++ b/README-user.md
@@ -365,8 +365,6 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` | The list of user name strings. `name` with *user variables* or `users` containing *user variables* need to be used. | no
 **User variables** | Only used with `name` variable in the first level. | no
 `users` | The list of user dicts. Each `users` dict entry can contain **user variables**.<br>There is one required option in the `users` dict:| no
--- a/README-vault.md
+++ b/README-vault.md
@@ -217,29 +217,25 @@ Variable | Description | Required
 -------- | ----------- | --------
 `ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
 `ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
-`ipaapi_context` | The context in which the module will execute. Currently only `client` is supported by this module, and use of `server` will raise a failure. | no
-`ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `cn` | The list of vault name strings. | yes
 `description` | The vault description string. | no
+`nomembers` | Suppress processing of membership attributes. (bool) | no
 `password` \| `vault_password` \| `ipavaultpassword` \| `old_password`| Vault password. | no
 `password_file` \| `vault_password_file` \| `old_password_file`| File containing Base64 encoded Vault password. | no
 `new_password` | Vault new password. | no
 `new_password_file` | File containing Base64 encoded new Vault password. | no
-`public_key ` \| `vault_public_key` \| `ipavaultpublickey` | Base64 encoded vault public key. | no
+`public_key ` \| `vault_public_key` \| `old_password_file` | Base64 encoded vault public key. | no
 `public_key_file` \| `vault_public_key_file` | Path to file with public key. | no
-`private_key `\| `vault_private_key` \| `ipavaultprivatekey` | Base64 encoded vault private key. Used only to retrieve data. | no
+`private_key `\| `vault_private_key` | Base64 encoded vault private key. Used only to retrieve data. | no
 `private_key_file` \| `vault_private_key_file` | Path to file with private key. Used only to retrieve data. | no
 `salt` \| `vault_salt` \| `ipavaultsalt` | Vault salt. | no
 `vault_type` \| `ipavaulttype` | Vault types are based on security level. It can be one of `standard`, `symmetric` or `asymmetric`, default: `symmetric` | no
-`username` \| `user` | Any user can own one or more user vaults. | no
+`user` \| `username` | Any user can own one or more user vaults. | no
 `service` | Any service can own one or more service vaults. | no
 `shared` | Vault is shared. Default to false. (bool) | no
-`users` | List of users that are members of the vault. | no
-`groups` | List of groups that are member of the vault. | no
-`services` | List of services that are member of the vault. | no
-`owners` \| `ownerusers` | List of users that are owners of the vault. | no
-`ownergroups` | List of groups that are owners of the vault. | no
-`ownerservices` | List of services that are owners of the vault. | no
+`users` | Users that are members of the vault. | no
+`groups` | Groups that are member of the vault. | no
+`services` | Services that are member of the vault. | no
 `data` \|`vault_data` \| `ipavaultdata` | Data to be stored in the vault. | no
 `in` \| `datafile_in` | Path to file with data to be stored in the vault. | no
 `out` \| `datafile_out` | Path to file to store data retrieved from the vault. | no
--- a/README.md
+++ b/README.md
@@ -3,7 +3,7 @@ FreeIPA Ansible collection

 This repository contains [Ansible](https://www.ansible.com/) roles and playbooks to install and uninstall [FreeIPA](https://www.freeipa.org/) `servers`, `replicas` and `clients`. Also modules for group, host, topology and user management.

-**Note**: The Ansible playbooks and roles require a configured Ansible environment where the Ansible nodes are reachable and are properly set up to have an IP address and a working package manager.
+**Note**: The ansible playbooks and roles require a configured ansible environment where the ansible nodes are reachable and are properly set up to have an IP address and a working package manager.

 Features
 --------
@@ -12,7 +12,6 @@ Features
 * One-time-password (OTP) support for client installation
 * Repair mode for clients
 * Backup and restore, also to and from controller
-* Modules for automembership rule management
 * Modules for config management
 * Modules for delegation management
 * Modules for dns config management
@@ -31,13 +30,12 @@ Features
 * Modules for pwpolicy management
 * Modules for role management
 * Modules for self service management
-* Modules for server management
 * Modules for service management
 * Modules for sudocmd management
 * Modules for sudocmdgroup management
 * Modules for sudorule management
 * Modules for topology management
-* Modules for trust management
+* Modules fot trust management
 * Modules for user management
 * Modules for vault management

@@ -114,7 +112,7 @@ ansible-freeipa/plugins/module_utils to ~/.ansible/plugins/

 There are RPM packages available for Fedora 29+. These are installing the roles and modules into the global Ansible directories for `roles`, `plugins/modules` and `plugins/module_utils` in the `/usr/share/ansible` directory. Therefore is it possible to use the roles and modules without adapting the names like it is done in the example playbooks.

-**Ansible Galaxy**
+**Ansible galaxy**

 This command will get the whole collection from galaxy:

@@ -138,7 +136,7 @@ The needed adaptions of collection prefixes for `modules` and `module_utils` wil
 Ansible inventory file
 ----------------------

-The most important parts of the inventory file is the definition of the nodes, settings and the management modules. Please remember to use [Ansible Vault](https://docs.ansible.com/ansible/latest/user_guide/vault.html) for passwords. The examples here are not using vault for better readability.
+The most important parts of the inventory file is the definition of the nodes, settings and the management modules. Please remember to use [Ansible vault](https://docs.ansible.com/ansible/latest/user_guide/vault.html) for passwords. The examples here are not using vault for better readability.

 **Master server**

@@ -282,7 +280,7 @@ ipaserver_domain=test.local
 ipaserver_realm=TEST.LOCAL
 ```

-For enhanced security it is possible to use a auto-generated one-time-password (OTP). This will be generated on the controller using the (first) server. It is needed to have the python-gssapi bindings installed on the controller for this.
+For enhanced security it is possible to use a auto-generated one-time-password (OTP). This will be generated on the controller using the (first) server. It is needed to have the Python gssapi bindings installed on the controller for this.
 To enable the generation of the one-time-password:
 ```yaml
 [ipaclients:vars]
@@ -347,7 +345,7 @@ With this playbook it is possible to add a list of topology segments using the `
 Playbooks
 =========

-The playbooks needed to deploy or undeploy servers, replicas and clients are part of the repository and placed in the playbooks folder. There are also playbooks to deploy and undeploy clusters. With them it is only needed to add an inventory file:
+The playbooks needed to deploy or undeploy server, replicas and clients are part of the repository and placed in the playbooks folder. There are also playbooks to deploy and undeploy clusters. With them it is only needed to add an inventory file:
 ```
 playbooks\
        install-client.yml
@@ -368,7 +366,7 @@ ansible-playbook -v -i inventory/hosts install-server.yml
 ```
 This will deploy the master server defined in the inventory file.

-If Ansible Vault is used for passwords, then it is needed to adapt the playbooks in this way:
+If Ansible vault is used for passwords, then it is needed to adapt the playbooks in this way:
 ```yaml
 ---
 - name: Playbook to configure IPA servers
@@ -423,7 +421,6 @@ Roles
 Modules in plugin/modules
 =========================

-* [ipaautomember](README-automember.md)
 * [ipaconfig](README-config.md)
 * [ipadelegation](README-delegation.md)
 * [ipadnsconfig](README-dnsconfig.md)
@@ -442,7 +439,6 @@ Modules in plugin/modules
 * [ipapwpolicy](README-pwpolicy.md)
 * [iparole](README-role.md)
 * [ipaselfservice](README-ipaselfservice.md)
-* [ipaserver](README-server.md)
 * [ipaservice](README-service.md)
 * [ipasudocmd](README-sudocmd.md)
 * [ipasudocmdgroup](README-sudocmdgroup.md)
--- a/galaxy.yml
+++ b/galaxy.yml
@@ -1,4 +1,3 @@
---
 namespace: "freeipa"
 name: "ansible_freeipa"
 version: "A.B.C"
@@ -15,6 +14,8 @@ issues: "https://github.com/freeipa/ansible-freeipa/issues"
 readme: "README.md"
 license: "GPL-3.0-or-later"

+dependencies:
+
 tags:
  - "system"
  - "identity"
--- a/meta/runtime.yml
+++ b/meta/runtime.yml
@@ -1,2 +0,0 @@
---
-requires_ansible: ">=2.9"
--- a/molecule/resources/playbooks/prepare-common.yml
+++ b/molecule/resources/playbooks/prepare-common.yml
@@ -1,4 +1,3 @@
---
 # IPA depends on IPv6 and without it dirsrv service won't start.
 - name: Ensure IPv6 is ENABLED
  sysctl:
@@ -7,7 +6,7 @@
    sysctl_set: yes
    state: present
    reload: yes
-  with_items:
+  with_items :
    - name: net.ipv6.conf.all.disable_ipv6
      value: 0
    - name: net.ipv6.conf.lo.disable_ipv6
@@ -26,8 +25,9 @@
 - name: Ensure fs.protected_regular is disabled
  sysctl:
    name: fs.protected_regular
-    value: '0'
+    value: 0
    sysctl_set: yes
    state: present
    reload: yes
  when: result.stat.exists
+
--- a/molecule/resources/playbooks/prepare.yml
+++ b/molecule/resources/playbooks/prepare.yml
@@ -16,7 +16,6 @@
      owner: dirsrv
      group: dirsrv
      path: "{{ item }}"
-      mode: 0770
    loop:
      - /var/lock/dirsrv/
      - /var/lock/dirsrv/slapd-TEST-LOCAL/
--- a/playbooks/automember/automember-group-absent.yml
+++ b/playbooks/automember/automember-group-absent.yml
@@ -1,11 +0,0 @@
---
- name: Automember group absent example
-  hosts: ipaserver
-  become: true
-  tasks:
-  - name: Ensure group automember rule admins is absent
-    ipaautomember:
-      ipaadmin_password: SomeADMINpassword
-      name: admins
-      automember_type: group
-      state: absent
--- a/playbooks/automember/automember-group-present.yml
+++ b/playbooks/automember/automember-group-present.yml
@@ -1,11 +0,0 @@
---
- name: Automember group present example
-  hosts: ipaserver
-  become: true
-  tasks:
-  - name: Ensure group automember rule admins is present
-    ipaautomember:
-      ipaadmin_password: SomeADMINpassword
-      name: admins
-      automember_type: group
-      state: present
--- a/playbooks/automember/automember-hostgroup-absent.yml
+++ b/playbooks/automember/automember-hostgroup-absent.yml
@@ -1,11 +0,0 @@
---
- name: Automember hostgroup absent example
-  hosts: ipaserver
-  become: true
-  tasks:
-  - name: Ensure hostgroup automember rule ipaservers is absent
-    ipaautomember:
-      ipaadmin_password: SomeADMINpassword
-      name: ipaservers
-      automember_type: hostgroup
-      state: absent
--- a/playbooks/automember/automember-hostgroup-present.yml
+++ b/playbooks/automember/automember-hostgroup-present.yml
@@ -1,11 +0,0 @@
---
- name: Automember hostgroup present example
-  hosts: ipaserver
-  become: true
-  tasks:
-  - name: Ensure hostgroup automember rule ipaservers is absent
-    ipaautomember:
-      ipaadmin_password: SomeADMINpassword
-      name: ipaservers
-      automember_type: hostgroup
-      state: present
--- a/playbooks/automember/automember-hostgroup-rule-absent.yml
+++ b/playbooks/automember/automember-hostgroup-rule-absent.yml
@@ -1,15 +0,0 @@
---
- name: Automember hostgroup rule member absent example
-  hosts: ipaserver
-  become: true
-  tasks:
-  - name: Ensure hostgroup automember condition is absent
-    ipaautomember:
-      ipaadmin_password: SomeADMINpassword
-      name: "My domain hosts"
-      automember_type: hostgroup
-      state: absent
-      action: member
-      inclusive:
-        - key: fqdn
-          expression: ".*.mydomain.com"
--- a/playbooks/automember/automember-hostgroup-rule-present.yml
+++ b/playbooks/automember/automember-hostgroup-rule-present.yml
@@ -1,15 +0,0 @@
---
- name: Automember hostgroup rule member present example
-  hosts: ipaserver
-  become: true
-  tasks:
-  - name: Ensure hostgroup automember condition is present
-    ipaautomember:
-      ipaadmin_password: SomeADMINpassword
-      name: "My domain hosts"
-      automember_type: hostgroup
-      state: present
-      action: member
-      inclusive:
-        - key: fqdn
-          expression: ".*.mydomain.com"
--- a/playbooks/automount/automount-location-absent.yml
+++ b/playbooks/automount/automount-location-absent.yml
@@ -1,12 +0,0 @@
---
- name: Automount locations absnet example
-  hosts: ipaserver
-  become: true
-  tasks:
-  - name: Ensure automount locations DMZ and internal are absent
-    ipaautomountlocation:
-      ipaadmin_password: SomeADMINpassword
-      name:
-        - DMZ
-        - internal
-      state: absent
--- a/playbooks/automount/automount-location-present.yml
+++ b/playbooks/automount/automount-location-present.yml
@@ -1,12 +0,0 @@
---
- name: Automount location present example
-  hosts: ipaserver
-  become: true
-  tasks:
-  - name: Ensure automount locations DMZ and internal are present
-    ipaautomountlocation:
-      ipaadmin_password: SomeADMINpassword
-      name:
-        - DMZ
-        - internal
-      state: present
--- a/playbooks/config/retrieve-config.yml
+++ b/playbooks/config/retrieve-config.yml
@@ -10,6 +10,5 @@
      ipaadmin_password: SomeADMINpassword
    register: serverconfig

-  - name: Display current configuration.
-    debug:
+  - debug:
      msg: "{{ serverconfig }}"
--- a/playbooks/dnsforwardzone/ensure-dnsforwardzone-is-absent.yml
+++ b/playbooks/dnsforwardzone/ensure-dnsforwardzone-is-absent.yml
@@ -5,7 +5,7 @@
  gather_facts: false

  tasks:
-  - name: Ensure DNS forward zone is absent
-    ipadnsforwardzone:
+  # Ensure DNS zone is present
+  - ipadnsforwardzone:
      ipaadmin_password: SomeADMINpassword
      state: absent
--- a/playbooks/dnsforwardzone/ensure-dnsforwardzone-is-present.yml
+++ b/playbooks/dnsforwardzone/ensure-dnsforwardzone-is-present.yml
@@ -5,8 +5,8 @@
  gather_facts: false

  tasks:
-  - name: Ensure DNS forward zone is present
-    ipadnsforwardzone:
+  # Ensure DNS zone is present
+  - ipadnsforwardzone:
      ipaadmin_password: SomeADMINpassword
      name: example.com
      forwarders:
--- a/playbooks/dnsforwardzone/ensure-dnsforwardzone-with-forwarder-port.yml
+++ b/playbooks/dnsforwardzone/ensure-dnsforwardzone-with-forwarder-port.yml
@@ -5,8 +5,8 @@
  gather_facts: false

  tasks:
-  - name: Ensure DNS forward zone is present with forwarder address and non-standard port.
-    ipadnsforwardzone:
+  # Ensure DNS zone is present
+  - ipadnsforwardzone:
      ipaadmin_password: SomeADMINpassword
      name: example.com
      forwarders:
--- a/playbooks/dnsrecord/ensure-A-and-AAAA-records-are-absent.yml
+++ b/playbooks/dnsrecord/ensure-A-and-AAAA-records-are-absent.yml
@@ -1,11 +1,12 @@
 ---
- name: Playbook to manage DNS records.
+- name: Test PTR Record is present.
  hosts: ipaserver
  become: true
  gather_facts: false

  tasks:
-  - name: Ensure that 'host04' A and AAAA records are absent.
+  # Ensure a PTR record is present
+  - name: Ensure that 'host04' has A and AAAA records.
    ipadnsrecord:
      ipaadmin_password: SomeADMINpassword
      zone_name: ipatest.local
--- a/playbooks/dnsrecord/ensure-A-and-AAAA-records-are-present.yml
+++ b/playbooks/dnsrecord/ensure-A-and-AAAA-records-are-present.yml
@@ -1,11 +1,12 @@
 ---
- name: Playbook to manage DNS records.
+- name: Test PTR Record is present.
  hosts: ipaserver
  become: true
  gather_facts: false

  tasks:
-  - name: Ensure that 'host04' A and AAAA records are present.
+  # Ensure a PTR record is present
+  - name: Ensure that 'host04' has A and AAAA records.
    ipadnsrecord:
      ipaadmin_password: SomeADMINpassword
      zone_name: ipatest.local
--- a/playbooks/dnsrecord/ensure-CNAME-record-is-absent.yml
+++ b/playbooks/dnsrecord/ensure-CNAME-record-is-absent.yml
@@ -1,12 +1,12 @@
 ---
- name: Playbook to manage DNS records.
+- name: Test CNAME Record is present.
  hosts: ipaserver
  become: true
  gather_facts: false

  tasks:
-  - name: Ensure that 'host04' has CNAME, with cname_hostname, is absent
-    ipadnsrecord:
+  # Ensure that 'host04' has CNAME, with cname_hostname
+  - ipadnsrecord:
      zone_name: example.com
      name: host04
      cname_hostname: host04.example.com
--- a/playbooks/dnsrecord/ensure-CNAME-record-is-present.yml
+++ b/playbooks/dnsrecord/ensure-CNAME-record-is-present.yml
@@ -1,12 +1,12 @@
 ---
- name: Playbook to manage DNS records.
+- name: Test CNAME Record is present.
  hosts: ipaserver
  become: true
  gather_facts: false

  tasks:
-  - name: Ensure that 'host04' has CNAME, with cname_hostname, is present
-    ipadnsrecord:
+  # Ensure that 'host04' has CNAME, with cname_hostname
+  - ipadnsrecord:
      zone_name: example.com
      name: host04
      cname_hostname: host04.example.com
--- a/playbooks/dnsrecord/ensure-MX-record-is-present.yml
+++ b/playbooks/dnsrecord/ensure-MX-record-is-present.yml
@@ -1,12 +1,12 @@
 ---
- name: Playbook to manage DNS records.
+- name: Ensure MX Record is present.
  hosts: ipaserver
  become: true
  gather_facts: false

  tasks:
-  - name: Ensure an MX record is present
-    ipadnsrecord:
+  # Ensure an MX record is absent
+  - ipadnsrecord:
      ipaadmin_password: SomeADMINpassword
      name: '@'
      record_type: 'MX'
--- a/playbooks/dnsrecord/ensure-PTR-record-is-present.yml
+++ b/playbooks/dnsrecord/ensure-PTR-record-is-present.yml
@@ -1,12 +1,12 @@
 ---
- name: Playbook to manage DNS records.
+- name: Test PTR Record is present.
  hosts: ipaserver
  become: true
  gather_facts: false

  tasks:
-  - name: Ensure a PTR record is present
-    ipadnsrecord:
+  # Ensure a PTR record is present
+  - ipadnsrecord:
      ipaadmin_password: SomeADMINpassword
      name: 5
      record_type: 'PTR'
--- a/playbooks/dnsrecord/ensure-SRV-record-is-present.yml
+++ b/playbooks/dnsrecord/ensure-SRV-record-is-present.yml
@@ -1,12 +1,12 @@
 ---
- name: Playbook to manage DNS records.
+- name: Test SRV Record is present.
  hosts: ipaserver
  become: true
  gather_facts: false

  tasks:
-  - name: Ensure a SRV record is present
-    ipadnsrecord:
+  # Ensure a SRV record is present
+  - ipadnsrecord:
      ipaadmin_password: SomeADMINpassword
      name: _kerberos._udp.example.com
      record_type: 'SRV'
--- a/playbooks/dnsrecord/ensure-SSHFP-record-is-present.yml
+++ b/playbooks/dnsrecord/ensure-SSHFP-record-is-present.yml
@@ -1,13 +1,13 @@
 ---
- name: Playbook to manage DNS records.
+- name: Test SSHFP Record is present.
  hosts: ipaserver
  become: true
  gather_facts: false

  tasks:
+  # Ensure a SSHFP record is present
  # SSHFP fingerprint generated with `ssh-keygen -r host04.testzone.local`
-  - name: Ensure a SSHFP record is present
-    ipadnsrecord:
+  - ipadnsrecord:
      ipaadmin_password: SomeADMINpassword
      zone_name: example.com
      name: host04
--- a/playbooks/dnsrecord/ensure-TLSA-record-is-present.yml
+++ b/playbooks/dnsrecord/ensure-TLSA-record-is-present.yml
@@ -1,12 +1,12 @@
 ---
- name: Playbook to manage DNS records.
+- name: Test SSHFP Record is present.
  hosts: ipaserver
  become: true
  gather_facts: false

  tasks:
-  - name: Ensure a TLSA record is present
-    ipadnsrecord:
+  # Ensure a SSHFP record is present
+  - ipadnsrecord:
      ipaadmin_password: SomeADMINpassword
      zone_name: example.com
      name: host04
--- a/playbooks/dnsrecord/ensure-TXT-record-is-present.yml
+++ b/playbooks/dnsrecord/ensure-TXT-record-is-present.yml
@@ -1,12 +1,12 @@
 ---
- name: Playbook to manage DNS records.
+- name: Test TXT Record is present.
  hosts: ipaserver
  become: true
  gather_facts: false

  tasks:
-  - name: Ensure a TXT record is present
-    ipadnsrecord:
+  # Ensure a TXT record is absent
+  - ipadnsrecord:
      ipaadmin_password: SomeADMINpassword
      name: _kerberos
      record_type: 'TXT'
--- a/playbooks/dnsrecord/ensure-URI-record-is-present.yml
+++ b/playbooks/dnsrecord/ensure-URI-record-is-present.yml
@@ -1,12 +1,12 @@
 ---
- name: Playbook to manage DNS records.
+- name: Test URI Record is present.
  hosts: ipaserver
  become: true
  gather_facts: false

  tasks:
-  - name: Ensure a URI record is present
-    ipadnsrecord:
+  # Ensure a URI record is absent
+  - ipadnsrecord:
      ipaadmin_password: SomeADMINpassword
      name: _ftp._tcp
      record_type: 'URI'
--- a/playbooks/dnsrecord/ensure-dnsrecord-is-absent.yml
+++ b/playbooks/dnsrecord/ensure-dnsrecord-is-absent.yml
@@ -1,12 +1,12 @@
 ---
- name: Playbook to manage DNS records.
+- name: Test DNS Record is absent.
  hosts: ipaserver
  become: true
  gather_facts: false

  tasks:
-  - name: Ensure that dns localhost AAAA record is absent
-    ipadnsrecord:
+  # Ensure that dns record is absent
+  - ipadnsrecord:
      ipaadmin_password: SomeADMINpassword
      name: host01
      zone_name: example.com
--- a/playbooks/dnsrecord/ensure-dnsrecord-is-present.yml
+++ b/playbooks/dnsrecord/ensure-dnsrecord-is-present.yml
@@ -1,12 +1,12 @@
 ---
- name: Playbook to manage DNS records.
+- name: Test DNS Record is present.
  hosts: ipaserver
  become: true
  gather_facts: false

  tasks:
-  - name: Ensure that dns record is present
-    ipadnsrecord:
+  # Ensure that dns record is present
+  - ipadnsrecord:
      ipaadmin_password: SomeADMINpassword
      name: host01
      zone_name: example.com
--- a/playbooks/dnsrecord/ensure-dnsrecord-with-reverse-is-present.yml
+++ b/playbooks/dnsrecord/ensure-dnsrecord-with-reverse-is-present.yml
@@ -1,12 +1,12 @@
 ---
- name: Playbook to manage DNS records.
+- name: Test DNS Record is present.
  hosts: ipaserver
  become: true
  gather_facts: false

  tasks:
-  - name: Ensure that dns record is present
-    ipadnsrecord:
+  # Ensure that dns record is present
+  - ipadnsrecord:
      ipaadmin_password: SomeADMINpassword
      name: host01
      zone_name: example.com
--- a/playbooks/dnsrecord/ensure-presence-multiple-records.yml
+++ b/playbooks/dnsrecord/ensure-presence-multiple-records.yml
@@ -1,12 +1,12 @@
 ---
- name: Playbook to manage DNS records.
+- name: Test multiple DNS Records are present.
  hosts: ipaserver
  become: true
  gather_facts: false

  tasks:
-  - name: Ensure that multiple dns records are present
-    ipadnsrecord:
+  # Ensure that multiple dns records are present
+  - ipadnsrecord:
      ipaadmin_password: SomeADMINpassword
      records:
        - name: host01
--- a/playbooks/dnszone/dnszone-all-params.yml
+++ b/playbooks/dnszone/dnszone-all-params.yml
@@ -1,4 +1,3 @@
---
 - name: dnszone present
  hosts: ipaserver
  become: true
--- a/playbooks/dnszone/dnszone-present.yml
+++ b/playbooks/dnszone/dnszone-present.yml
@@ -1,4 +1,3 @@
---
 - name: dnszone present
  hosts: ipaserver
  become: true
--- a/playbooks/host/host-member-allow_create_keytab-absent.yml
+++ b/playbooks/host/host-member-allow_create_keytab-absent.yml
@@ -7,7 +7,7 @@
  - name: Host host1.example.com members allow_create_keytab absent for users, groups, hosts and hostgroups
    ipahost:
      ipaadmin_password: SomeADMINpassword
-      name: host01.example.com
+      name: host01.exmaple.com
      allow_create_keytab_user:
      - user01
      - user02
@@ -15,8 +15,8 @@
      - group01
      - group02
      allow_create_keytab_host:
-      - host02.example.com
-      - host03.example.com
+      - host02.exmaple.com
+      - host03.exmaple.com
      allow_create_keytab_hostgroup:
      - hostgroup01
      - hostgroup02
--- a/playbooks/host/host-member-allow_create_keytab-present.yml
+++ b/playbooks/host/host-member-allow_create_keytab-present.yml
@@ -7,7 +7,7 @@
  - name: Host host1.example.com members allow_create_keytab present for users, groups, hosts and hostgroups
    ipahost:
      ipaadmin_password: SomeADMINpassword
-      name: host01.example.com
+      name: host01.exmaple.com
      allow_create_keytab_user:
      - user01
      - user02
@@ -15,8 +15,8 @@
      - group01
      - group02
      allow_create_keytab_host:
-      - host02.example.com
-      - host03.example.com
+      - host02.exmaple.com
+      - host03.exmaple.com
      allow_create_keytab_hostgroup:
      - hostgroup01
      - hostgroup02
--- a/playbooks/host/host-member-allow_retrieve_keytab-absent.yml
+++ b/playbooks/host/host-member-allow_retrieve_keytab-absent.yml
@@ -7,7 +7,7 @@
  - name: Host host1.example.com members allow_retrieve_keytab absent for users, groups, hosts and hostgroups
    ipahost:
      ipaadmin_password: SomeADMINpassword
-      name: host01.example.com
+      name: host01.exmaple.com
      allow_retrieve_keytab_user:
      - user01
      - user02
@@ -15,8 +15,8 @@
      - group01
      - group02
      allow_retrieve_keytab_host:
-      - host02.example.com
-      - host03.example.com
+      - host02.exmaple.com
+      - host03.exmaple.com
      allow_retrieve_keytab_hostgroup:
      - hostgroup01
      - hostgroup02
--- a/playbooks/host/host-member-allow_retrieve_keytab-present.yml
+++ b/playbooks/host/host-member-allow_retrieve_keytab-present.yml
@@ -7,7 +7,7 @@
  - name: Host host1.example.com members allow_retrieve_keytab present for users, groups, hosts and hostgroups
    ipahost:
      ipaadmin_password: SomeADMINpassword
-      name: host01.example.com
+      name: host01.exmaple.com
      allow_retrieve_keytab_user:
      - user01
      - user02
@@ -15,8 +15,8 @@
      - group01
      - group02
      allow_retrieve_keytab_host:
-      - host02.example.com
-      - host03.example.com
+      - host02.exmaple.com
+      - host03.exmaple.com
      allow_retrieve_keytab_hostgroup:
      - hostgroup01
      - hostgroup02
--- a/playbooks/host/host-member-certificate-absent.yml
+++ b/playbooks/host/host-member-certificate-absent.yml
@@ -1,4 +1,3 @@
---
 - name: Host member certificate absent
  hosts: ipaserver
  become: true
@@ -9,24 +8,6 @@
      ipaadmin_password: SomeADMINpassword
      name: host01.example.com
      certificate:
-      - >
-        MIIC/zCCAeegAwIBAgIUZGHLaSYg1myp6EI4VGWSC27vOrswDQYJKoZIhvc
-        NAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4MzVaFw0yMD
-        EwMTMxNjI4MzVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBA
-        QUAA4IBDwAwggEKAoIBAQDER/lB8wUAmPTSwSc/NOXNlzdpPOQDSwrhKH6X
-        sqZF4KpQoSY/nmCjAhJmOVpOUo4K2fGRZ0yAH9fkGv6yJP6c7IAFjLeec7G
-        PHVwN4bZrP1DXfTAmfmXhcRQbCYkV+wmq8Puzw/+xA9EJrrodnJPPsE6E8H
-        nSVLF6Ys9+cJMJ7HuwOI+wYt3gkmspsir1tccmf4x1PP+yHJWdcXyetlFRc
-        mZ8gspjqOR2jb89xSQsh8gcyDW6rPNlSTzYZ2FmNtjES6ZhCsYL31fQbF2Q
-        glidlLGpAlvHUUS+xCigW73cvhFPMWXcfO51Mr15RcgYTckY+7QZ2nYqplR
-        BoDlQl6DnAgMBAAGjUzBRMB0GA1UdDgQWBBTPG99XVRdxpOXMZo3Nhy+ldn
-        f13TAfBgNVHSMEGDAWgBTPG99XVRdxpOXMZo3Nhy+ldnf13TAPBgNVHRMBA
-        f8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAjWTcnIl2mpNbfHAN8DB4K
-        k+RNRmhsH0y+r/47MXVTMMMToCfofeNY3Jeohu+2lIXMPQfTvXUbDTkNAGs
-        GLv6LtQEUfSREqgk1eY7bT9BFfpH1uV2ZFhCO9jBA+E4bf55Kx7bgUNG31y
-        kBshOsOblOJM1lS/0q4TWHAxrsU2PNwPi8X0ten+eGeB8aRshxS17Ij2cH0
-        fdAMmSA+jMAvTIZl853Bxe0HuozauKwOFWL4qHm61c4O/j1mQCLqJKYfJ9m
-        BDWFQLszd/tF+ePKiNhZCQly60F8Lumn2CDZj5UIkl8wk9Wls5n1BIQs+M8
-        AN65NAdv7+js8jKUKCuyji8r3
+      - MIIC/zCCAeegAwIBAgIUZGHLaSYg1myp6EI4VGWSC27vOrswDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4MzVaFw0yMDEwMTMxNjI4MzVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDER/lB8wUAmPTSwSc/NOXNlzdpPOQDSwrhKH6XsqZF4KpQoSY/nmCjAhJmOVpOUo4K2fGRZ0yAH9fkGv6yJP6c7IAFjLeec7GPHVwN4bZrP1DXfTAmfmXhcRQbCYkV+wmq8Puzw/+xA9EJrrodnJPPsE6E8HnSVLF6Ys9+cJMJ7HuwOI+wYt3gkmspsir1tccmf4x1PP+yHJWdcXyetlFRcmZ8gspjqOR2jb89xSQsh8gcyDW6rPNlSTzYZ2FmNtjES6ZhCsYL31fQbF2QglidlLGpAlvHUUS+xCigW73cvhFPMWXcfO51Mr15RcgYTckY+7QZ2nYqplRBoDlQl6DnAgMBAAGjUzBRMB0GA1UdDgQWBBTPG99XVRdxpOXMZo3Nhy+ldnf13TAfBgNVHSMEGDAWgBTPG99XVRdxpOXMZo3Nhy+ldnf13TAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAjWTcnIl2mpNbfHAN8DB4Kk+RNRmhsH0y+r/47MXVTMMMToCfofeNY3Jeohu+2lIXMPQfTvXUbDTkNAGsGLv6LtQEUfSREqgk1eY7bT9BFfpH1uV2ZFhCO9jBA+E4bf55Kx7bgUNG31ykBshOsOblOJM1lS/0q4TWHAxrsU2PNwPi8X0ten+eGeB8aRshxS17Ij2cH0fdAMmSA+jMAvTIZl853Bxe0HuozauKwOFWL4qHm61c4O/j1mQCLqJKYfJ9mBDWFQLszd/tF+ePKiNhZCQly60F8Lumn2CDZj5UIkl8wk9Wls5n1BIQs+M8AN65NAdv7+js8jKUKCuyji8r3
      action: member
      state: absent
--- a/playbooks/host/host-member-certificate-present.yml
+++ b/playbooks/host/host-member-certificate-present.yml
@@ -1,4 +1,3 @@
---
 - name: Host member certificate present
  hosts: ipaserver
  become: true
@@ -9,23 +8,5 @@
      ipaadmin_password: SomeADMINpassword
      name: host01.example.com
      certificate:
-      - >
-        MIIC/zCCAeegAwIBAgIUZGHLaSYg1myp6EI4VGWSC27vOrswDQYJKoZIhvc
-        NAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4MzVaFw0yMD
-        EwMTMxNjI4MzVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBA
-        QUAA4IBDwAwggEKAoIBAQDER/lB8wUAmPTSwSc/NOXNlzdpPOQDSwrhKH6X
-        sqZF4KpQoSY/nmCjAhJmOVpOUo4K2fGRZ0yAH9fkGv6yJP6c7IAFjLeec7G
-        PHVwN4bZrP1DXfTAmfmXhcRQbCYkV+wmq8Puzw/+xA9EJrrodnJPPsE6E8H
-        nSVLF6Ys9+cJMJ7HuwOI+wYt3gkmspsir1tccmf4x1PP+yHJWdcXyetlFRc
-        mZ8gspjqOR2jb89xSQsh8gcyDW6rPNlSTzYZ2FmNtjES6ZhCsYL31fQbF2Q
-        glidlLGpAlvHUUS+xCigW73cvhFPMWXcfO51Mr15RcgYTckY+7QZ2nYqplR
-        BoDlQl6DnAgMBAAGjUzBRMB0GA1UdDgQWBBTPG99XVRdxpOXMZo3Nhy+ldn
-        f13TAfBgNVHSMEGDAWgBTPG99XVRdxpOXMZo3Nhy+ldnf13TAPBgNVHRMBA
-        f8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAjWTcnIl2mpNbfHAN8DB4K
-        k+RNRmhsH0y+r/47MXVTMMMToCfofeNY3Jeohu+2lIXMPQfTvXUbDTkNAGs
-        GLv6LtQEUfSREqgk1eY7bT9BFfpH1uV2ZFhCO9jBA+E4bf55Kx7bgUNG31y
-        kBshOsOblOJM1lS/0q4TWHAxrsU2PNwPi8X0ten+eGeB8aRshxS17Ij2cH0
-        fdAMmSA+jMAvTIZl853Bxe0HuozauKwOFWL4qHm61c4O/j1mQCLqJKYfJ9m
-        BDWFQLszd/tF+ePKiNhZCQly60F8Lumn2CDZj5UIkl8wk9Wls5n1BIQs+M8
-        AN65NAdv7+js8jKUKCuyji8r3
+      - MIIC/zCCAeegAwIBAgIUZGHLaSYg1myp6EI4VGWSC27vOrswDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4MzVaFw0yMDEwMTMxNjI4MzVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDER/lB8wUAmPTSwSc/NOXNlzdpPOQDSwrhKH6XsqZF4KpQoSY/nmCjAhJmOVpOUo4K2fGRZ0yAH9fkGv6yJP6c7IAFjLeec7GPHVwN4bZrP1DXfTAmfmXhcRQbCYkV+wmq8Puzw/+xA9EJrrodnJPPsE6E8HnSVLF6Ys9+cJMJ7HuwOI+wYt3gkmspsir1tccmf4x1PP+yHJWdcXyetlFRcmZ8gspjqOR2jb89xSQsh8gcyDW6rPNlSTzYZ2FmNtjES6ZhCsYL31fQbF2QglidlLGpAlvHUUS+xCigW73cvhFPMWXcfO51Mr15RcgYTckY+7QZ2nYqplRBoDlQl6DnAgMBAAGjUzBRMB0GA1UdDgQWBBTPG99XVRdxpOXMZo3Nhy+ldnf13TAfBgNVHSMEGDAWgBTPG99XVRdxpOXMZo3Nhy+ldnf13TAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAjWTcnIl2mpNbfHAN8DB4Kk+RNRmhsH0y+r/47MXVTMMMToCfofeNY3Jeohu+2lIXMPQfTvXUbDTkNAGsGLv6LtQEUfSREqgk1eY7bT9BFfpH1uV2ZFhCO9jBA+E4bf55Kx7bgUNG31ykBshOsOblOJM1lS/0q4TWHAxrsU2PNwPi8X0ten+eGeB8aRshxS17Ij2cH0fdAMmSA+jMAvTIZl853Bxe0HuozauKwOFWL4qHm61c4O/j1mQCLqJKYfJ9mBDWFQLszd/tF+ePKiNhZCQly60F8Lumn2CDZj5UIkl8wk9Wls5n1BIQs+M8AN65NAdv7+js8jKUKCuyji8r3
      action: member
--- a/playbooks/host/host-member-managedby_host-absent.yml
+++ b/playbooks/host/host-member-managedby_host-absent.yml
@@ -4,10 +4,9 @@
  become: true

  tasks:
-  - name: Ensure host member managedby_host 'server.example.com' is absent
-    ipahost:
+  - ipahost:
      ipaadmin_password: SomeADMINpassword
-      name: host01.example.com
-      managedby_host: server.example.com
+      name: host01.exmaple.com
+      managedby_host: server.exmaple.com
      action: member
      state: absent
--- a/playbooks/host/host-member-managedby_host-present.yml
+++ b/playbooks/host/host-member-managedby_host-present.yml
@@ -4,9 +4,8 @@
  become: true

  tasks:
-  - name: Ensure host member managedby_host 'server.example.com' is present
-    ipahost:
+  - ipahost:
      ipaadmin_password: SomeADMINpassword
-      name: host01.example.com
-      managedby_host: server.example.com
+      name: host01.exmaple.com
+      managedby_host: server.exmaple.com
      action: member
--- a/playbooks/host/host-present-with-allow_create_keytab.yml
+++ b/playbooks/host/host-present-with-allow_create_keytab.yml
@@ -7,7 +7,7 @@
  - name: Host host1.example.com present with allow_create_keytab for users, groups, hosts and hostgroups
    ipahost:
      ipaadmin_password: SomeADMINpassword
-      name: host01.example.com
+      name: host01.exmaple.com
      allow_create_keytab_user:
      - user01
      - user02
@@ -15,8 +15,8 @@
      - group01
      - group02
      allow_create_keytab_host:
-      - host02.example.com
-      - host03.example.com
+      - host02.exmaple.com
+      - host03.exmaple.com
      allow_create_keytab_hostgroup:
      - hostgroup01
      - hostgroup02
--- a/playbooks/host/host-present-with-allow_retrieve_keytab.yml
+++ b/playbooks/host/host-present-with-allow_retrieve_keytab.yml
@@ -7,7 +7,7 @@
  - name: Host host1.example.com present with allow_retrieve_keytab for users, groups, hosts and hostgroups
    ipahost:
      ipaadmin_password: SomeADMINpassword
-      name: host01.example.com
+      name: host01.exmaple.com
      allow_retrieve_keytab_user:
      - user01
      - user02
@@ -15,8 +15,8 @@
      - group01
      - group02
      allow_retrieve_keytab_host:
-      - host02.example.com
-      - host03.example.com
+      - host02.exmaple.com
+      - host03.exmaple.com
      allow_retrieve_keytab_hostgroup:
      - hostgroup01
      - hostgroup02
--- a/playbooks/host/host-present-with-certificate.yml
+++ b/playbooks/host/host-present-with-certificate.yml
@@ -1,4 +1,3 @@
---
 - name: Host present with certificate
  hosts: ipaserver
  become: true
@@ -9,23 +8,5 @@
      ipaadmin_password: SomeADMINpassword
      name: host01.example.com
      certificate:
-      - >
-        MIIC/zCCAeegAwIBAgIUZGHLaSYg1myp6EI4VGWSC27vOrswDQYJKoZIhvc
-        NAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4MzVaFw0yMD
-        EwMTMxNjI4MzVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBA
-        QUAA4IBDwAwggEKAoIBAQDER/lB8wUAmPTSwSc/NOXNlzdpPOQDSwrhKH6X
-        sqZF4KpQoSY/nmCjAhJmOVpOUo4K2fGRZ0yAH9fkGv6yJP6c7IAFjLeec7G
-        PHVwN4bZrP1DXfTAmfmXhcRQbCYkV+wmq8Puzw/+xA9EJrrodnJPPsE6E8H
-        nSVLF6Ys9+cJMJ7HuwOI+wYt3gkmspsir1tccmf4x1PP+yHJWdcXyetlFRc
-        mZ8gspjqOR2jb89xSQsh8gcyDW6rPNlSTzYZ2FmNtjES6ZhCsYL31fQbF2Q
-        glidlLGpAlvHUUS+xCigW73cvhFPMWXcfO51Mr15RcgYTckY+7QZ2nYqplR
-        BoDlQl6DnAgMBAAGjUzBRMB0GA1UdDgQWBBTPG99XVRdxpOXMZo3Nhy+ldn
-        f13TAfBgNVHSMEGDAWgBTPG99XVRdxpOXMZo3Nhy+ldnf13TAPBgNVHRMBA
-        f8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAjWTcnIl2mpNbfHAN8DB4K
-        k+RNRmhsH0y+r/47MXVTMMMToCfofeNY3Jeohu+2lIXMPQfTvXUbDTkNAGs
-        GLv6LtQEUfSREqgk1eY7bT9BFfpH1uV2ZFhCO9jBA+E4bf55Kx7bgUNG31y
-        kBshOsOblOJM1lS/0q4TWHAxrsU2PNwPi8X0ten+eGeB8aRshxS17Ij2cH0
-        fdAMmSA+jMAvTIZl853Bxe0HuozauKwOFWL4qHm61c4O/j1mQCLqJKYfJ9m
-        BDWFQLszd/tF+ePKiNhZCQly60F8Lumn2CDZj5UIkl8wk9Wls5n1BIQs+M8
-        AN65NAdv7+js8jKUKCuyji8r3
+      - MIIC/zCCAeegAwIBAgIUZGHLaSYg1myp6EI4VGWSC27vOrswDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4MzVaFw0yMDEwMTMxNjI4MzVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDER/lB8wUAmPTSwSc/NOXNlzdpPOQDSwrhKH6XsqZF4KpQoSY/nmCjAhJmOVpOUo4K2fGRZ0yAH9fkGv6yJP6c7IAFjLeec7GPHVwN4bZrP1DXfTAmfmXhcRQbCYkV+wmq8Puzw/+xA9EJrrodnJPPsE6E8HnSVLF6Ys9+cJMJ7HuwOI+wYt3gkmspsir1tccmf4x1PP+yHJWdcXyetlFRcmZ8gspjqOR2jb89xSQsh8gcyDW6rPNlSTzYZ2FmNtjES6ZhCsYL31fQbF2QglidlLGpAlvHUUS+xCigW73cvhFPMWXcfO51Mr15RcgYTckY+7QZ2nYqplRBoDlQl6DnAgMBAAGjUzBRMB0GA1UdDgQWBBTPG99XVRdxpOXMZo3Nhy+ldnf13TAfBgNVHSMEGDAWgBTPG99XVRdxpOXMZo3Nhy+ldnf13TAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAjWTcnIl2mpNbfHAN8DB4Kk+RNRmhsH0y+r/47MXVTMMMToCfofeNY3Jeohu+2lIXMPQfTvXUbDTkNAGsGLv6LtQEUfSREqgk1eY7bT9BFfpH1uV2ZFhCO9jBA+E4bf55Kx7bgUNG31ykBshOsOblOJM1lS/0q4TWHAxrsU2PNwPi8X0ten+eGeB8aRshxS17Ij2cH0fdAMmSA+jMAvTIZl853Bxe0HuozauKwOFWL4qHm61c4O/j1mQCLqJKYfJ9mBDWFQLszd/tF+ePKiNhZCQly60F8Lumn2CDZj5UIkl8wk9Wls5n1BIQs+M8AN65NAdv7+js8jKUKCuyji8r3
      force: yes
--- a/playbooks/host/host-present-with-managedby_host.yml
+++ b/playbooks/host/host-present-with-managedby_host.yml
@@ -4,9 +4,8 @@
  become: true

  tasks:
-  - name: Ensure host is present with managedby_host attribute.
-    ipahost:
+  - ipahost:
      ipaadmin_password: SomeADMINpassword
-      name: host01.example.com
-      managedby_host: server.example.com
+      name: host01.exmaple.com
+      managedby_host: server.exmaple.com
      force: yes
--- a/playbooks/host/hosts-member-certificate-absent.yml
+++ b/playbooks/host/hosts-member-certificate-absent.yml
@@ -4,51 +4,15 @@
  become: true

  tasks:
-  - name: Hosts host01.example.com and host01.example.com member certificate absent
+  - name: Hosts host01.example.com and host01.exmaple.com member certificate absent
    ipahost:
      ipaadmin_password: SomeADMINpassword
      hosts:
      - name: host01.example.com
        certificate:
-        - >
-          MIIC/zCCAeegAwIBAgIUZGHLaSYg1myp6EI4VGWSC27vOrswDQYJKoZIhvc
-          NAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4MzVaFw0yMD
-          EwMTMxNjI4MzVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBA
-          QUAA4IBDwAwggEKAoIBAQDER/lB8wUAmPTSwSc/NOXNlzdpPOQDSwrhKH6X
-          sqZF4KpQoSY/nmCjAhJmOVpOUo4K2fGRZ0yAH9fkGv6yJP6c7IAFjLeec7G
-          PHVwN4bZrP1DXfTAmfmXhcRQbCYkV+wmq8Puzw/+xA9EJrrodnJPPsE6E8H
-          nSVLF6Ys9+cJMJ7HuwOI+wYt3gkmspsir1tccmf4x1PP+yHJWdcXyetlFRc
-          mZ8gspjqOR2jb89xSQsh8gcyDW6rPNlSTzYZ2FmNtjES6ZhCsYL31fQbF2Q
-          glidlLGpAlvHUUS+xCigW73cvhFPMWXcfO51Mr15RcgYTckY+7QZ2nYqplR
-          BoDlQl6DnAgMBAAGjUzBRMB0GA1UdDgQWBBTPG99XVRdxpOXMZo3Nhy+ldn
-          f13TAfBgNVHSMEGDAWgBTPG99XVRdxpOXMZo3Nhy+ldnf13TAPBgNVHRMBA
-          f8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAjWTcnIl2mpNbfHAN8DB4K
-          k+RNRmhsH0y+r/47MXVTMMMToCfofeNY3Jeohu+2lIXMPQfTvXUbDTkNAGs
-          GLv6LtQEUfSREqgk1eY7bT9BFfpH1uV2ZFhCO9jBA+E4bf55Kx7bgUNG31y
-          kBshOsOblOJM1lS/0q4TWHAxrsU2PNwPi8X0ten+eGeB8aRshxS17Ij2cH0
-          fdAMmSA+jMAvTIZl853Bxe0HuozauKwOFWL4qHm61c4O/j1mQCLqJKYfJ9m
-          BDWFQLszd/tF+ePKiNhZCQly60F8Lumn2CDZj5UIkl8wk9Wls5n1BIQs+M8
-          AN65NAdv7+js8jKUKCuyji8r3
+        - MIIC/zCCAeegAwIBAgIUZGHLaSYg1myp6EI4VGWSC27vOrswDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4MzVaFw0yMDEwMTMxNjI4MzVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDER/lB8wUAmPTSwSc/NOXNlzdpPOQDSwrhKH6XsqZF4KpQoSY/nmCjAhJmOVpOUo4K2fGRZ0yAH9fkGv6yJP6c7IAFjLeec7GPHVwN4bZrP1DXfTAmfmXhcRQbCYkV+wmq8Puzw/+xA9EJrrodnJPPsE6E8HnSVLF6Ys9+cJMJ7HuwOI+wYt3gkmspsir1tccmf4x1PP+yHJWdcXyetlFRcmZ8gspjqOR2jb89xSQsh8gcyDW6rPNlSTzYZ2FmNtjES6ZhCsYL31fQbF2QglidlLGpAlvHUUS+xCigW73cvhFPMWXcfO51Mr15RcgYTckY+7QZ2nYqplRBoDlQl6DnAgMBAAGjUzBRMB0GA1UdDgQWBBTPG99XVRdxpOXMZo3Nhy+ldnf13TAfBgNVHSMEGDAWgBTPG99XVRdxpOXMZo3Nhy+ldnf13TAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAjWTcnIl2mpNbfHAN8DB4Kk+RNRmhsH0y+r/47MXVTMMMToCfofeNY3Jeohu+2lIXMPQfTvXUbDTkNAGsGLv6LtQEUfSREqgk1eY7bT9BFfpH1uV2ZFhCO9jBA+E4bf55Kx7bgUNG31ykBshOsOblOJM1lS/0q4TWHAxrsU2PNwPi8X0ten+eGeB8aRshxS17Ij2cH0fdAMmSA+jMAvTIZl853Bxe0HuozauKwOFWL4qHm61c4O/j1mQCLqJKYfJ9mBDWFQLszd/tF+ePKiNhZCQly60F8Lumn2CDZj5UIkl8wk9Wls5n1BIQs+M8AN65NAdv7+js8jKUKCuyji8r3
      - name: host02.example.com
        certificate:
-        - >
-          MIIC/zCCAeegAwIBAgIUAWE1vaA+mZd3nwZqwWH64EbHvR0wDQYJKoZIhvc
-          NAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4NDVaFw0yMD
-          EwMTMxNjI4NDVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBA
-          QUAA4IBDwAwggEKAoIBAQCWzJibKtN8Zf7LgandINhFonx99AKi44iaZkrl
-          MKEObE6Faf8NTUbUgK3VfJNYmCbA1baLVJ0YZJijJ7S/4o7h7eeqcJVXJkE
-          hWNTimWXNW/YCzTHe3SSapnSYOKmdHHRClplysL8OyyEG7pbX/aB9iAfFb/
-          +vUFCX5sMwFFrYxOimKJ9Pc/NRFtdv1wNw1rqWKF1ZzagWRlG4QgzRGwQ4q
-          uc7yO98TKikj2OPiIt7Zd46hbqQxmgGBtCkVOZIhxu77OmNrFsXmM4rZZpm
-          qh0UdqcpwkRojVnGXmNqeMCd6dNTnLhr9wukUYw0KgE57zCDVr9Ix+p/dA5
-          R1mG4RJ2XAgMBAAGjUzBRMB0GA1UdDgQWBBSbuiH2lNVrID3yt1SsFwtOFK
-          OnpTAfBgNVHSMEGDAWgBSbuiH2lNVrID3yt1SsFwtOFKOnpTAPBgNVHRMBA
-          f8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBCVWd293wWyohFqMFMHRBB
-          g97T2Uc1yeT0dMH4BpuOaCqQp4q5ep+uLcXEI6+3mEwm8pa/ULQCD8yLLdo
-          tIWlG3+h/4boFpdiPFcBDgT8kGe+0KOzB8Nt7E13QYOu12MNi10qwGrjKhd
-          hu1xBe4fpY5VCetVU1OLyuTsUyucQsFrtZI0SR83h+blbyoMZ7IhMngCfGU
-          e1bnYeWnLbpFbigKfPuVDWsMH2kgj05EAd5EgHkWbX8QA8hmcmDKfNT3YZM
-          8kiGQwmFrnQdq8bN0uHR8Nz+24cbmdbHcD65wlDW6GmYxi8mW+V6bAqn9pi
-          r/J14r4YFnqMGgjmdt81tscJV
+        - MIIC/zCCAeegAwIBAgIUAWE1vaA+mZd3nwZqwWH64EbHvR0wDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4NDVaFw0yMDEwMTMxNjI4NDVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWzJibKtN8Zf7LgandINhFonx99AKi44iaZkrlMKEObE6Faf8NTUbUgK3VfJNYmCbA1baLVJ0YZJijJ7S/4o7h7eeqcJVXJkEhWNTimWXNW/YCzTHe3SSapnSYOKmdHHRClplysL8OyyEG7pbX/aB9iAfFb/+vUFCX5sMwFFrYxOimKJ9Pc/NRFtdv1wNw1rqWKF1ZzagWRlG4QgzRGwQ4quc7yO98TKikj2OPiIt7Zd46hbqQxmgGBtCkVOZIhxu77OmNrFsXmM4rZZpmqh0UdqcpwkRojVnGXmNqeMCd6dNTnLhr9wukUYw0KgE57zCDVr9Ix+p/dA5R1mG4RJ2XAgMBAAGjUzBRMB0GA1UdDgQWBBSbuiH2lNVrID3yt1SsFwtOFKOnpTAfBgNVHSMEGDAWgBSbuiH2lNVrID3yt1SsFwtOFKOnpTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBCVWd293wWyohFqMFMHRBBg97T2Uc1yeT0dMH4BpuOaCqQp4q5ep+uLcXEI6+3mEwm8pa/ULQCD8yLLdotIWlG3+h/4boFpdiPFcBDgT8kGe+0KOzB8Nt7E13QYOu12MNi10qwGrjKhdhu1xBe4fpY5VCetVU1OLyuTsUyucQsFrtZI0SR83h+blbyoMZ7IhMngCfGUe1bnYeWnLbpFbigKfPuVDWsMH2kgj05EAd5EgHkWbX8QA8hmcmDKfNT3YZM8kiGQwmFrnQdq8bN0uHR8Nz+24cbmdbHcD65wlDW6GmYxi8mW+V6bAqn9pir/J14r4YFnqMGgjmdt81tscJV
      action: member
      state: absent
--- a/playbooks/host/hosts-member-certificate-present.yml
+++ b/playbooks/host/hosts-member-certificate-present.yml
@@ -4,50 +4,14 @@
  become: true

  tasks:
-  - name: Hosts host01.example.com and host01.example.com member certificate present
+  - name: Hosts host01.example.com and host01.exmaple.com member certificate present
    ipahost:
      ipaadmin_password: SomeADMINpassword
      hosts:
      - name: host01.example.com
        certificate:
-        - >
-          MIIC/zCCAeegAwIBAgIUZGHLaSYg1myp6EI4VGWSC27vOrswDQYJKoZIhvc
-          NAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4MzVaFw0yMD
-          EwMTMxNjI4MzVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBA
-          QUAA4IBDwAwggEKAoIBAQDER/lB8wUAmPTSwSc/NOXNlzdpPOQDSwrhKH6X
-          sqZF4KpQoSY/nmCjAhJmOVpOUo4K2fGRZ0yAH9fkGv6yJP6c7IAFjLeec7G
-          PHVwN4bZrP1DXfTAmfmXhcRQbCYkV+wmq8Puzw/+xA9EJrrodnJPPsE6E8H
-          nSVLF6Ys9+cJMJ7HuwOI+wYt3gkmspsir1tccmf4x1PP+yHJWdcXyetlFRc
-          mZ8gspjqOR2jb89xSQsh8gcyDW6rPNlSTzYZ2FmNtjES6ZhCsYL31fQbF2Q
-          glidlLGpAlvHUUS+xCigW73cvhFPMWXcfO51Mr15RcgYTckY+7QZ2nYqplR
-          BoDlQl6DnAgMBAAGjUzBRMB0GA1UdDgQWBBTPG99XVRdxpOXMZo3Nhy+ldn
-          f13TAfBgNVHSMEGDAWgBTPG99XVRdxpOXMZo3Nhy+ldnf13TAPBgNVHRMBA
-          f8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAjWTcnIl2mpNbfHAN8DB4K
-          k+RNRmhsH0y+r/47MXVTMMMToCfofeNY3Jeohu+2lIXMPQfTvXUbDTkNAGs
-          GLv6LtQEUfSREqgk1eY7bT9BFfpH1uV2ZFhCO9jBA+E4bf55Kx7bgUNG31y
-          kBshOsOblOJM1lS/0q4TWHAxrsU2PNwPi8X0ten+eGeB8aRshxS17Ij2cH0
-          fdAMmSA+jMAvTIZl853Bxe0HuozauKwOFWL4qHm61c4O/j1mQCLqJKYfJ9m
-          BDWFQLszd/tF+ePKiNhZCQly60F8Lumn2CDZj5UIkl8wk9Wls5n1BIQs+M8
-          AN65NAdv7+js8jKUKCuyji8r3
+        - MIIC/zCCAeegAwIBAgIUZGHLaSYg1myp6EI4VGWSC27vOrswDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4MzVaFw0yMDEwMTMxNjI4MzVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDER/lB8wUAmPTSwSc/NOXNlzdpPOQDSwrhKH6XsqZF4KpQoSY/nmCjAhJmOVpOUo4K2fGRZ0yAH9fkGv6yJP6c7IAFjLeec7GPHVwN4bZrP1DXfTAmfmXhcRQbCYkV+wmq8Puzw/+xA9EJrrodnJPPsE6E8HnSVLF6Ys9+cJMJ7HuwOI+wYt3gkmspsir1tccmf4x1PP+yHJWdcXyetlFRcmZ8gspjqOR2jb89xSQsh8gcyDW6rPNlSTzYZ2FmNtjES6ZhCsYL31fQbF2QglidlLGpAlvHUUS+xCigW73cvhFPMWXcfO51Mr15RcgYTckY+7QZ2nYqplRBoDlQl6DnAgMBAAGjUzBRMB0GA1UdDgQWBBTPG99XVRdxpOXMZo3Nhy+ldnf13TAfBgNVHSMEGDAWgBTPG99XVRdxpOXMZo3Nhy+ldnf13TAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAjWTcnIl2mpNbfHAN8DB4Kk+RNRmhsH0y+r/47MXVTMMMToCfofeNY3Jeohu+2lIXMPQfTvXUbDTkNAGsGLv6LtQEUfSREqgk1eY7bT9BFfpH1uV2ZFhCO9jBA+E4bf55Kx7bgUNG31ykBshOsOblOJM1lS/0q4TWHAxrsU2PNwPi8X0ten+eGeB8aRshxS17Ij2cH0fdAMmSA+jMAvTIZl853Bxe0HuozauKwOFWL4qHm61c4O/j1mQCLqJKYfJ9mBDWFQLszd/tF+ePKiNhZCQly60F8Lumn2CDZj5UIkl8wk9Wls5n1BIQs+M8AN65NAdv7+js8jKUKCuyji8r3
      - name: host02.example.com
        certificate:
-        - >
-          MIIC/zCCAeegAwIBAgIUAWE1vaA+mZd3nwZqwWH64EbHvR0wDQYJKoZIhvc
-          NAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4NDVaFw0yMD
-          EwMTMxNjI4NDVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBA
-          QUAA4IBDwAwggEKAoIBAQCWzJibKtN8Zf7LgandINhFonx99AKi44iaZkrl
-          MKEObE6Faf8NTUbUgK3VfJNYmCbA1baLVJ0YZJijJ7S/4o7h7eeqcJVXJkE
-          hWNTimWXNW/YCzTHe3SSapnSYOKmdHHRClplysL8OyyEG7pbX/aB9iAfFb/
-          +vUFCX5sMwFFrYxOimKJ9Pc/NRFtdv1wNw1rqWKF1ZzagWRlG4QgzRGwQ4q
-          uc7yO98TKikj2OPiIt7Zd46hbqQxmgGBtCkVOZIhxu77OmNrFsXmM4rZZpm
-          qh0UdqcpwkRojVnGXmNqeMCd6dNTnLhr9wukUYw0KgE57zCDVr9Ix+p/dA5
-          R1mG4RJ2XAgMBAAGjUzBRMB0GA1UdDgQWBBSbuiH2lNVrID3yt1SsFwtOFK
-          OnpTAfBgNVHSMEGDAWgBSbuiH2lNVrID3yt1SsFwtOFKOnpTAPBgNVHRMBA
-          f8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBCVWd293wWyohFqMFMHRBB
-          g97T2Uc1yeT0dMH4BpuOaCqQp4q5ep+uLcXEI6+3mEwm8pa/ULQCD8yLLdo
-          tIWlG3+h/4boFpdiPFcBDgT8kGe+0KOzB8Nt7E13QYOu12MNi10qwGrjKhd
-          hu1xBe4fpY5VCetVU1OLyuTsUyucQsFrtZI0SR83h+blbyoMZ7IhMngCfGU
-          e1bnYeWnLbpFbigKfPuVDWsMH2kgj05EAd5EgHkWbX8QA8hmcmDKfNT3YZM
-          8kiGQwmFrnQdq8bN0uHR8Nz+24cbmdbHcD65wlDW6GmYxi8mW+V6bAqn9pi
-          r/J14r4YFnqMGgjmdt81tscJV
+        - MIIC/zCCAeegAwIBAgIUAWE1vaA+mZd3nwZqwWH64EbHvR0wDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4NDVaFw0yMDEwMTMxNjI4NDVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWzJibKtN8Zf7LgandINhFonx99AKi44iaZkrlMKEObE6Faf8NTUbUgK3VfJNYmCbA1baLVJ0YZJijJ7S/4o7h7eeqcJVXJkEhWNTimWXNW/YCzTHe3SSapnSYOKmdHHRClplysL8OyyEG7pbX/aB9iAfFb/+vUFCX5sMwFFrYxOimKJ9Pc/NRFtdv1wNw1rqWKF1ZzagWRlG4QgzRGwQ4quc7yO98TKikj2OPiIt7Zd46hbqQxmgGBtCkVOZIhxu77OmNrFsXmM4rZZpmqh0UdqcpwkRojVnGXmNqeMCd6dNTnLhr9wukUYw0KgE57zCDVr9Ix+p/dA5R1mG4RJ2XAgMBAAGjUzBRMB0GA1UdDgQWBBSbuiH2lNVrID3yt1SsFwtOFKOnpTAfBgNVHSMEGDAWgBSbuiH2lNVrID3yt1SsFwtOFKOnpTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBCVWd293wWyohFqMFMHRBBg97T2Uc1yeT0dMH4BpuOaCqQp4q5ep+uLcXEI6+3mEwm8pa/ULQCD8yLLdotIWlG3+h/4boFpdiPFcBDgT8kGe+0KOzB8Nt7E13QYOu12MNi10qwGrjKhdhu1xBe4fpY5VCetVU1OLyuTsUyucQsFrtZI0SR83h+blbyoMZ7IhMngCfGUe1bnYeWnLbpFbigKfPuVDWsMH2kgj05EAd5EgHkWbX8QA8hmcmDKfNT3YZM8kiGQwmFrnQdq8bN0uHR8Nz+24cbmdbHcD65wlDW6GmYxi8mW+V6bAqn9pir/J14r4YFnqMGgjmdt81tscJV
      action: member
--- a/playbooks/host/hosts-member-managedby_host-absent.yml
+++ b/playbooks/host/hosts-member-managedby_host-absent.yml
@@ -8,9 +8,9 @@
    ipahost:
      ipaadmin_password: SomeADMINpassword
      hosts:
-      - name: host01.example.com
-        managedby_host: server.example.com
-      - name: host02.example.com
-        managedby_host: server.example.com
+      - name: host01.exmaple.com
+        managedby_host: server.exmaple.com
+      - name: host02.exmaple.com
+        managedby_host: server.exmaple.com
      action: member
      state: absent
--- a/playbooks/host/hosts-member-managedby_host-present.yml
+++ b/playbooks/host/hosts-member-managedby_host-present.yml
@@ -4,12 +4,12 @@
  become: true

  tasks:
-  - name: Ensure hosts manadegby_host is present.
+  - name: Ensure hosts manadegby_host is absent.
    ipahost:
      ipaadmin_password: SomeADMINpassword
      hosts:
-      - name: host01.example.com
-        managedby_host: server.example.com
-      - name: host02.example.com
-        managedby_host: server.example.com
+      - name: host01.exmaple.com
+        managedby_host: server.exmaple.com
+      - name: host02.exmaple.com
+        managedby_host: server.exmaple.com
      action: member
--- a/playbooks/host/hosts-member-principal-absent.yml
+++ b/playbooks/host/hosts-member-principal-absent.yml
@@ -4,15 +4,15 @@
  become: true

  tasks:
-  - name: Hosts host01.example.com and host02.example.com member principals host/testhost0X.example.com absent
+  - name: Hosts host01.exmaple.com and host02.exmaple.com member principals host/testhost0X.exmaple.com absent
    ipahost:
      ipaadmin_password: SomeADMINpassword
      hosts:
-      - name: host01.example.com
+      - name: host01.exmaple.com
        principal:
-        - host/testhost01.example.com
-      - name: host02.example.com
+        - host/testhost01.exmaple.com
+      - name: host02.exmaple.com
        principal:
-        - host/testhost02.example.com
+        - host/testhost02.exmaple.com
      action: member
      state: absent
--- a/playbooks/host/hosts-member-principal-present.yml
+++ b/playbooks/host/hosts-member-principal-present.yml
@@ -4,14 +4,14 @@
  become: true

  tasks:
-  - name: Hosts host01.example.com and host02.example.com member principals host/testhost0X.example.com present
+  - name: Hosts host01.exmaple.com and host02.exmaple.com member principals host/testhost0X.exmaple.com present
    ipahost:
      ipaadmin_password: SomeADMINpassword
      hosts:
-      - name: host01.example.com
+      - name: host01.exmaple.com
        principal:
-        - host/testhost01.example.com
-      - name: host02.example.com
+        - host/testhost01.exmaple.com
+      - name: host02.exmaple.com
        principal:
-        - host/testhost02.example.com
+        - host/testhost02.exmaple.com
      action: member
--- a/playbooks/host/hosts-present-with-certificate.yml
+++ b/playbooks/host/hosts-present-with-certificate.yml
@@ -4,50 +4,14 @@
  become: true

  tasks:
-  - name: Hosts host01.example.com and host01.example.com present with certificate
+  - name: Hosts host01.example.com and host01.exmaple.com present with certificate
    ipahost:
      ipaadmin_password: SomeADMINpassword
      hosts:
      - name: host01.example.com
        certificate:
-        - >
-          MIIC/zCCAeegAwIBAgIUZGHLaSYg1myp6EI4VGWSC27vOrswDQYJKoZIhvc
-          NAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4MzVaFw0yMD
-          EwMTMxNjI4MzVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBA
-          QUAA4IBDwAwggEKAoIBAQDER/lB8wUAmPTSwSc/NOXNlzdpPOQDSwrhKH6X
-          sqZF4KpQoSY/nmCjAhJmOVpOUo4K2fGRZ0yAH9fkGv6yJP6c7IAFjLeec7G
-          PHVwN4bZrP1DXfTAmfmXhcRQbCYkV+wmq8Puzw/+xA9EJrrodnJPPsE6E8H
-          nSVLF6Ys9+cJMJ7HuwOI+wYt3gkmspsir1tccmf4x1PP+yHJWdcXyetlFRc
-          mZ8gspjqOR2jb89xSQsh8gcyDW6rPNlSTzYZ2FmNtjES6ZhCsYL31fQbF2Q
-          glidlLGpAlvHUUS+xCigW73cvhFPMWXcfO51Mr15RcgYTckY+7QZ2nYqplR
-          BoDlQl6DnAgMBAAGjUzBRMB0GA1UdDgQWBBTPG99XVRdxpOXMZo3Nhy+ldn
-          f13TAfBgNVHSMEGDAWgBTPG99XVRdxpOXMZo3Nhy+ldnf13TAPBgNVHRMBA
-          f8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAjWTcnIl2mpNbfHAN8DB4K
-          k+RNRmhsH0y+r/47MXVTMMMToCfofeNY3Jeohu+2lIXMPQfTvXUbDTkNAGs
-          GLv6LtQEUfSREqgk1eY7bT9BFfpH1uV2ZFhCO9jBA+E4bf55Kx7bgUNG31y
-          kBshOsOblOJM1lS/0q4TWHAxrsU2PNwPi8X0ten+eGeB8aRshxS17Ij2cH0
-          fdAMmSA+jMAvTIZl853Bxe0HuozauKwOFWL4qHm61c4O/j1mQCLqJKYfJ9m
-          BDWFQLszd/tF+ePKiNhZCQly60F8Lumn2CDZj5UIkl8wk9Wls5n1BIQs+M8
-          AN65NAdv7+js8jKUKCuyji8r3
+        - MIIC/zCCAeegAwIBAgIUZGHLaSYg1myp6EI4VGWSC27vOrswDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4MzVaFw0yMDEwMTMxNjI4MzVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDER/lB8wUAmPTSwSc/NOXNlzdpPOQDSwrhKH6XsqZF4KpQoSY/nmCjAhJmOVpOUo4K2fGRZ0yAH9fkGv6yJP6c7IAFjLeec7GPHVwN4bZrP1DXfTAmfmXhcRQbCYkV+wmq8Puzw/+xA9EJrrodnJPPsE6E8HnSVLF6Ys9+cJMJ7HuwOI+wYt3gkmspsir1tccmf4x1PP+yHJWdcXyetlFRcmZ8gspjqOR2jb89xSQsh8gcyDW6rPNlSTzYZ2FmNtjES6ZhCsYL31fQbF2QglidlLGpAlvHUUS+xCigW73cvhFPMWXcfO51Mr15RcgYTckY+7QZ2nYqplRBoDlQl6DnAgMBAAGjUzBRMB0GA1UdDgQWBBTPG99XVRdxpOXMZo3Nhy+ldnf13TAfBgNVHSMEGDAWgBTPG99XVRdxpOXMZo3Nhy+ldnf13TAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAjWTcnIl2mpNbfHAN8DB4Kk+RNRmhsH0y+r/47MXVTMMMToCfofeNY3Jeohu+2lIXMPQfTvXUbDTkNAGsGLv6LtQEUfSREqgk1eY7bT9BFfpH1uV2ZFhCO9jBA+E4bf55Kx7bgUNG31ykBshOsOblOJM1lS/0q4TWHAxrsU2PNwPi8X0ten+eGeB8aRshxS17Ij2cH0fdAMmSA+jMAvTIZl853Bxe0HuozauKwOFWL4qHm61c4O/j1mQCLqJKYfJ9mBDWFQLszd/tF+ePKiNhZCQly60F8Lumn2CDZj5UIkl8wk9Wls5n1BIQs+M8AN65NAdv7+js8jKUKCuyji8r3
      - name: host02.example.com
        certificate:
-        - >
-          MIIC/zCCAeegAwIBAgIUAWE1vaA+mZd3nwZqwWH64EbHvR0wDQYJKoZIhvc
-          NAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4NDVaFw0yMD
-          EwMTMxNjI4NDVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBA
-          QUAA4IBDwAwggEKAoIBAQCWzJibKtN8Zf7LgandINhFonx99AKi44iaZkrl
-          MKEObE6Faf8NTUbUgK3VfJNYmCbA1baLVJ0YZJijJ7S/4o7h7eeqcJVXJkE
-          hWNTimWXNW/YCzTHe3SSapnSYOKmdHHRClplysL8OyyEG7pbX/aB9iAfFb/
-          +vUFCX5sMwFFrYxOimKJ9Pc/NRFtdv1wNw1rqWKF1ZzagWRlG4QgzRGwQ4q
-          uc7yO98TKikj2OPiIt7Zd46hbqQxmgGBtCkVOZIhxu77OmNrFsXmM4rZZpm
-          qh0UdqcpwkRojVnGXmNqeMCd6dNTnLhr9wukUYw0KgE57zCDVr9Ix+p/dA5
-          R1mG4RJ2XAgMBAAGjUzBRMB0GA1UdDgQWBBSbuiH2lNVrID3yt1SsFwtOFK
-          OnpTAfBgNVHSMEGDAWgBSbuiH2lNVrID3yt1SsFwtOFKOnpTAPBgNVHRMBA
-          f8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBCVWd293wWyohFqMFMHRBB
-          g97T2Uc1yeT0dMH4BpuOaCqQp4q5ep+uLcXEI6+3mEwm8pa/ULQCD8yLLdo
-          tIWlG3+h/4boFpdiPFcBDgT8kGe+0KOzB8Nt7E13QYOu12MNi10qwGrjKhd
-          hu1xBe4fpY5VCetVU1OLyuTsUyucQsFrtZI0SR83h+blbyoMZ7IhMngCfGU
-          e1bnYeWnLbpFbigKfPuVDWsMH2kgj05EAd5EgHkWbX8QA8hmcmDKfNT3YZM
-          8kiGQwmFrnQdq8bN0uHR8Nz+24cbmdbHcD65wlDW6GmYxi8mW+V6bAqn9pi
-          r/J14r4YFnqMGgjmdt81tscJV
+        - MIIC/zCCAeegAwIBAgIUAWE1vaA+mZd3nwZqwWH64EbHvR0wDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0xOTEwMTQxNjI4NDVaFw0yMDEwMTMxNjI4NDVaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWzJibKtN8Zf7LgandINhFonx99AKi44iaZkrlMKEObE6Faf8NTUbUgK3VfJNYmCbA1baLVJ0YZJijJ7S/4o7h7eeqcJVXJkEhWNTimWXNW/YCzTHe3SSapnSYOKmdHHRClplysL8OyyEG7pbX/aB9iAfFb/+vUFCX5sMwFFrYxOimKJ9Pc/NRFtdv1wNw1rqWKF1ZzagWRlG4QgzRGwQ4quc7yO98TKikj2OPiIt7Zd46hbqQxmgGBtCkVOZIhxu77OmNrFsXmM4rZZpmqh0UdqcpwkRojVnGXmNqeMCd6dNTnLhr9wukUYw0KgE57zCDVr9Ix+p/dA5R1mG4RJ2XAgMBAAGjUzBRMB0GA1UdDgQWBBSbuiH2lNVrID3yt1SsFwtOFKOnpTAfBgNVHSMEGDAWgBSbuiH2lNVrID3yt1SsFwtOFKOnpTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBCVWd293wWyohFqMFMHRBBg97T2Uc1yeT0dMH4BpuOaCqQp4q5ep+uLcXEI6+3mEwm8pa/ULQCD8yLLdotIWlG3+h/4boFpdiPFcBDgT8kGe+0KOzB8Nt7E13QYOu12MNi10qwGrjKhdhu1xBe4fpY5VCetVU1OLyuTsUyucQsFrtZI0SR83h+blbyoMZ7IhMngCfGUe1bnYeWnLbpFbigKfPuVDWsMH2kgj05EAd5EgHkWbX8QA8hmcmDKfNT3YZM8kiGQwmFrnQdq8bN0uHR8Nz+24cbmdbHcD65wlDW6GmYxi8mW+V6bAqn9pir/J14r4YFnqMGgjmdt81tscJV
      force: yes
--- a/playbooks/host/hosts-present-with-managedby_host.yml
+++ b/playbooks/host/hosts-present-with-managedby_host.yml
@@ -4,13 +4,12 @@
  become: true

  tasks:
-  - name: Ensure hosts are present with managedby_host attribute.
-    ipahost:
+  - ipahost:
      ipaadmin_password: SomeADMINpassword
      hosts:
-      - name: host01.example.com
-        managedby_host: server.example.com
+      - name: host01.exmaple.com
+        managedby_host: server.exmaple.com
        force: yes
-      - name: host02.example.com
-        managedby_host: server.example.com
+      - name: host02.exmaple.com
+        managedby_host: server.exmaple.com
        force: yes
--- a/playbooks/hostgroup/ensure-hostgroup-is-absent.yml
+++ b/playbooks/hostgroup/ensure-hostgroup-is-absent.yml
@@ -4,8 +4,8 @@
  become: true

  tasks:
-  - name: Ensure host-group databases is absent
-    ipahostgroup:
+  # Ensure host-group databases is present
+  - ipahostgroup:
      ipaadmin_password: SomeADMINpassword
      name: databases
      state: absent
--- a/playbooks/hostgroup/ensure-hostgroup-is-present.yml
+++ b/playbooks/hostgroup/ensure-hostgroup-is-present.yml
@@ -4,8 +4,8 @@
  become: true

  tasks:
-  - name: Ensure host-group databases is present
-    ipahostgroup:
+  # Ensure host-group databases is present
+  - ipahostgroup:
      ipaadmin_password: SomeADMINpassword
      name: databases
      host:
--- a/playbooks/hostgroup/ensure-hosts-and-hostgroups-are-absent-in-hostgroup.yml
+++ b/playbooks/hostgroup/ensure-hosts-and-hostgroups-are-absent-in-hostgroup.yml
@@ -4,8 +4,8 @@
  become: true

  tasks:
-  - name: Ensure hosts and hostgroups are absent in existing databases hostgroup
-    ipahostgroup:
+  # Ensure hosts and hostgroups are present in existing databases hostgroup
+  - ipahostgroup:
      ipaadmin_password: SomeADMINpassword
      name: databases
      host:
--- a/playbooks/hostgroup/ensure-hosts-and-hostgroups-are-present-in-hostgroup.yml
+++ b/playbooks/hostgroup/ensure-hosts-and-hostgroups-are-present-in-hostgroup.yml
@@ -4,8 +4,8 @@
  become: true

  tasks:
-  - name: Ensure hosts and hostgroups are present in existing databases hostgroup
-    ipahostgroup:
+  # Ensure hosts and hostgroups are present in existing databases hostgroup
+  - ipahostgroup:
      ipaadmin_password: SomeADMINpassword
      name: databases
      host:
--- a/playbooks/hostgroup/rename-hostgroup.yml
+++ b/playbooks/hostgroup/rename-hostgroup.yml
@@ -4,7 +4,7 @@
  become: yes

  tasks:
-  - name: Rename host-group from `databases` to `datalake`
+  - name : Rename host-group from `databases` to `datalake`
    ipahostgroup:
      ipaadmin_password: SomeADMINpassword
      name: databases
--- a/playbooks/role/role-is-absent.yml
+++ b/playbooks/role/role-is-absent.yml
@@ -5,8 +5,7 @@
  gather_facts: no

  tasks:
-  - name: Ensure role is absent.
-    iparole:
+  - iparole:
      ipaadmin_password: SomeADMINpassword
      name: somerole
      state: absent
--- a/playbooks/role/role-is-present.yml
+++ b/playbooks/role/role-is-present.yml
@@ -5,8 +5,7 @@
  gather_facts: no

  tasks:
-  - name: Ensure role is present.
-    iparole:
+  - iparole:
      ipaadmin_password: SomeADMINpassword
      name: somerole
      description: A role in IPA.
--- a/playbooks/role/role-member-group-absent.yml
+++ b/playbooks/role/role-member-group-absent.yml
@@ -5,8 +5,7 @@
  gather_facts: no

  tasks:
-  - name: Ensure role member 'group' is absent.
-    iparole:
+  - iparole:
      ipaadmin_password: SomeADMINpassword
      name: somerole
      group:
--- a/playbooks/role/role-member-group-present.yml
+++ b/playbooks/role/role-member-group-present.yml
@@ -5,8 +5,7 @@
  gather_facts: no

  tasks:
-  - name: Ensure role member 'group' is present.
-    iparole:
+  - iparole:
      ipaadmin_password: SomeADMINpassword
      name: somerole
      group:
--- a/playbooks/role/role-member-host-absent.yml
+++ b/playbooks/role/role-member-host-absent.yml
@@ -5,8 +5,7 @@
  gather_facts: no

  tasks:
-  - name: Ensure role member 'host' is absent.
-    iparole:
+  - iparole:
      ipaadmin_password: SomeADMINpassword
      name: somerole
      host:
--- a/playbooks/role/role-member-host-present.yml
+++ b/playbooks/role/role-member-host-present.yml
@@ -5,8 +5,7 @@
  gather_facts: no

  tasks:
-  - name: Ensure role member 'host' is present.
-    iparole:
+  - iparole:
      ipaadmin_password: SomeADMINpassword
      name: somerole
      host:
--- a/playbooks/role/role-member-hostgroup-absent.yml
+++ b/playbooks/role/role-member-hostgroup-absent.yml
@@ -5,8 +5,7 @@
  gather_facts: no

  tasks:
-  - name: Ensure role member 'hostgroup' is absent.
-    iparole:
+  - iparole:
      ipaadmin_password: SomeADMINpassword
      name: somerole
      hostgroup:
--- a/Show More
+++ b/Show More