-> Changed specific pieces that are recommended to be changed in Ansible
2.7 and higher (such as using fail_msg and success_msg, not just msg for
assertions
-> Improved the getkeytab adhoc playbook for flexibility and delegations
against a IPA server, as well as forcing the choice of the user with
permissions that can perform the action rather than the default "admin"
user in FreeIPA as a security fix.
Identity management Team in their testing found several issues while
testing the playbooks. To ensure they continue working on deployment and
in testing, we have identified and fixed the following issues:
- Inventory variables moved to separate main.yml files were not in yaml
format
- role-rocky-ipa-client.yml was not directly pointing to its
collection/role
- role-rocky-ipa-replica.yml was not directly pointing to its
collection/role
moved inv vars to group vars
moved roles to collections and fixed playbooks
added a prepare ansible host playbook to download needed roles and playbooks
modified public roles and collection paths to install inside our dir structure to keep them from global installation