Releases: freeipa/ansible-freeipa
Releases · freeipa/ansible-freeipa
ansible-freeipa-1.14.1
ansible-freeipa-1.14.0
Highlights in 1.14.0
- Multi sudorule management with the ipasudorule module
- Use batch command internally for ipasudorule
- Lots of CI/infra fixes and enhancements
- Documentation fixes
Changes since 1.13.2
- infra/image/build.sh: Use consistent options for hostname (#1311)
- linters: Remove pydocstyle from linter checks (#1310)
- Update images to Fedora 41 (#1309)
- upstream CI: Move scripts that evaluate repo changes to infra/azure (#1308)
- upstream CI: Use Azure 'loops' to create stages (#1306)
- ipacert: Fix ipacert tests (#1305)
- Fix upstream CI and remove molecule (#1300)
- pylint gihub workflow: Disable too-many-positional-arguments (#1299)
- fixipaip infra image service: No need for hard coded admin password (#1298)
- New infra image start (#1292)
- ipasudorule: Add support for batch mode and multiple sudorules (#1290)
- fix minor typo in hbacrule and hbacsvcgroup docs (#1285)
- Infra image system services dns and kinit (#1284)
- infra/image/system-services: Enhance checks, also fix reverse zone (#1282)
- tests/user/test_users_present_*: Use new generate_test_data.yml (#1281)
- README-host.md: correction of managedby_host description (#1280)
- Run tests with podman and ubuntu 20.04 (#1276)
- test_services_absent is also part of test_services_present, not needed (#1275)
- Fix multi user tests (#1274)
- New image builder without molecule using podman (#1273)
- tests/service/test_services_present.yml: Add missing cleanup (#1272)
- Truncate stdout and stderr in upstream test log (#1270)
- ipauser: Use date string, not datetime object for expiration dates (#1268)
Detailed changelog since 1.13.2 by author
4 authors, 51 commits
Jon Moore (1)
- fix minor typo in hbacrule and hbacsvcgroup docs
Kees Bakker (1)
- README-host.md: correction of managedby_host description
Rafael Guterres Jeffman (27)
- tests/sudorule: Don't become or gather_facts and use only true/false
- ipasudorule: Add support for batch mode and multiple sudorules
- ansible_freeipa_module_utils: Add EntryFactory class
- upstream CI: Use Azure 'loops' to create stages
- infra/image/build.sh: Use consistent options for hostname
- linters: Remove pydocstyle from linter checks
- build images: Force use --privileged on containers
- build images: Update images for Fedora 41
- upstream CI: Move scripts that evaluate repo changes to infra/azure
- upstream CI: Update Ansible version
- upstream CI: Use Ubuntu 24.04 to build test images
- upstream CI: Enable creation of CentOS 10 Stream images
- upstream CI: Simplify pipelines enviroment creation
- upstream ci: Move Azure scripts to infra directory
- Remove molecule dependencies
- upstream CI: Allow podman options when creating containers
- utils/set_test_modules: Allow to ignore Git differences
- ipacert: Fix ipacert tests
- upstream ci: Remove 'molecule' from tests.
- gitignore: Ignore test results from run-tests.sh
- tests: Allow to set Python interpreter to be used by Ansible
- utils: Rewrite run-tests.sh to use functions and extenal scripts
- ci lint: Allow ShellCheck to test source-d scripts.
- fixup! New image builder without molecule using podman
- ustream ci: Use infra scripts to build testing images
- rjeffman: this is a fixup for infra/images/build.sh
- Add shell utitily functions for scripts
Thomas Woerner (22)
- ipauser: Use date string, not datetime object for expiration dates
- test_services_absent is also part of test_services_present, not needed
- tests/user/test_users_present_*: Use new generate_test_data.yml
- fixipaip infra image service: No need for hard coded admin password
- pylint gihub workflow: Disable too-many-positional-arguments
- Add ansible-freeipa-tests inventory using podman
- infra/image/system-service/fixipaip.sh: Behave idempotent
- infra/image/build.sh: "-s" help fix and cleanup
- Use container-ipa.target from freeipa-container container project
- Renamed infra/image/inventory to build-inventory, dropped interpreter
- infra/image/build.sh: Use new shcontainer
- New infra/image/start.sh script to start the generated containers
- infra/image/system-service/fixipaip.sh: Use of admin for kinit call
- infra/image system-services: Fix DNS forwarder
- infra/image/system-services: Enhance checks, also fix reverse zone
- tests/utils.py: Shorten run_playbook for smaller traceback with assert
- infra/image/build.sh: Fail if deployment failed or podman is missing
- tests/azure/templates/build_container.yml: Use new image builder
- New image builder without molecule using podman
- Fix multi user tests
- tests/service/test_services_present.yml: Add missing cleanup
- Truncate stdout and stderr in upstream test log
ansible-freeipa-1.13.2
Highlights in 1.13.2
- Support for FreeIPA 4.12
- Idempotency fixes
- Minimum supported ansible-core version: 2.15.0
- Fixes for ansible-test 2.17.1
Changes since 1.13.1
- Documentation fixes for issues found by ansible-test part of ansible-core 2.17.1 (#1264)
- tests/sanity/sanity.sh: Install setuptools with pip (#1263)
- user: Fix idp_user_id aliases (#1262)
- plugins/inventory/freeipa: Try imports for requests and urllib3 (#1261)
- permission: Fix idempotency issues for DN parameters (#1259)
- README-service.md: Add multi service handling (#1255)
- Convert input certificates (#1250)
- ansible_freeipa_module: Fix errors in batch mode (#1248)
- Fixes for FreeIPA 4.12 (#1246)
- Bump minimum supported Ansible version (#1130)
Detailed changelog since 1.13.1 by author
2 authors, 35 commits
Rafael Guterres Jeffman (9)
- ansible-freeipa.spec: Bump minimum supported Ansible version to 2.15
- utils/templates: Bump minimum supported Ansible version to 2.15
- ipasmartcard_*: Bump minimum supported Ansible version to 2.15
- ipabackup: Bump minimum supported Ansible version to 2.15
- ipaserver: Bump minimum supported Ansible version to 2.15
- ipareplica: Bump minimum supported Ansible version to 2.15
- ipaclient: Bump minimum supported Ansible version to 2.15
- README-*: Bump minimum Ansible supported version to 2.15
- Set collection ansible-core minimum version to 2.15
Thomas Woerner (26)
- Role modules: Docs: Fix default value for string list parameters
- tests/utils.py: Fix missing whitespace around arithmetic operator (E226)
- ipareplica_prepare: Documentation: Fixed name of ipa_client_installed
- ipaclient_setup_nss: Documentation: Add default for selinux_works
- service: Docs: Fix required for name, add delete_continue to services
- idp: Drop no_log from docs section, allow to log token_uri and keys_uri
- idoverrideuser: Docs: Fix sshpubkey element type, nomembers type
- cert: Fix short_description tag, add chain option, remove authors
- inventory/freeipa: Documentation: Fix version_added and drop plugin_type
- ipamodule_base_docs: Documentation: Fix default for delete_continue
- tests/sanity/sanity.sh: Install setuptools with pip
- user: Fix idp_user_id aliases
- service: Add multi service examples to EXAMPLES
- README-service.md: Add multi service handling
- plugins/inventory/freeipa: Try imports for requests and urllib3
- permission: Fix idempotency issues for DN parameters
- ansible_freeipa_module: Fix errors in batch mode
- ipauser: Use new convert_input_certificates
- ipaidoverrideusere: Use new convert_input_certificates
- ipahost: Use new convert_input_certificates
- ipaservice: Use new convert_input_certificates
- ansible_freeipa_module: New function convert_input_certificates
- ipareplica: After an HSM replica install ensure all certs are visible
- ipareplica: Refactor CA file handling
- ipareplica_install_ca_certs: Do not return unchanged config attributes
- ipaserver: Set hsm attributes to None for now
ansible-freeipa-1.13.1
Changes since 1.13.0
- utils/build-galaxy-release.sh: Fix unary operator expected (v2) (#1242)
Detailed changelog since 1.13.0 by author
1 authors, 1 commits
Thomas Woerner (1)
- utils/build-galaxy-release.sh: Fix unary operator expected (v2)
ansible-freeipa-1.13.0
Highlights in 1.13.0
- New inventory plugin
- Use batch command internally for ipahost, ipaservice and ipauser
- Fix idempotency issues in ipahost, ipaservice and ipauser
- Fix idempotency in ipaclient_dns_resolver
- Documentation fixes
Changes since 1.12.1
- README-group.md: Add missing ":" in multi rename example (#1239)
- README-user.md: Fix state for user rename in example playbook (#1238)
- ipahost: Fix idempotency issues (#1237)
- ipaservice: Do not set continue to None for service_del (#1236)
- ipauser: Fix idempotency issues for members (#1235)
- New inventory plugin (#1231)
- Use batch command internally (#1229)
- utils/build-galaxy-release.sh: Fix offline default value (#1227)
- ipalib.install.kinit moved to ipalib (#1226)
- Bump linter tools versions an fix linter errors (#1225)
- ipaclient_configure_dns_resolver: Return proper changed state (#1224)
- utils/build-galaxy-release.sh: Enable offline generation for rpm (#1223)
- ipaserver_prepare: Properly create IPA_DEFAULT_CONF (#1222)
- ipaserver: Run custodia setup only once (#1221)
- ipaserver_test: Return generated domain_name (#1220)
- Fix ca-less test to use X.509 v3 certificates (#1215)
- README-dnszone: Fix yaml code block declaration. (#1213)
Detailed changelog since 1.12.1 by author
2 authors, 27 commits
Rafael Guterres Jeffman (6)
- fixup! pylint: Ignore usage of 'unicode' before assignment
- pylint: ensure variables are initialized
- pylint: Ignore usage of 'unicode' before assignment
- upstream ci: Update Github actions
- lint tools: bump code verification tools versions
- README-dnszone: Fix yaml code block declaration.
Thomas Woerner (21)
- ipahost: Enable batch command with keeponly
- ipagroup: Enable batch command use with keeponly
- ipaservice: Enable batch command use with keeponly
- ipauser: Enable batch command use with keeponly
- IPAAnsibleModule: Add support for batch command in execute_ipa_commands
- README-group.md: Add missing ":" in multi rename example
- README-user.md: Fix state for user rename in example playbook
- utils/build-galaxy-release.sh: Fix unary operator expected
- New inventory plugin
- ipahost: Fix idempotency issues
- ansible_freeipa_module: Import and provide normalize_sshpubkey
- ipaservice: Do not set continue to None for service_del
- ipauser: Fix idempotency issues for members
- ipalib.install.kinit moved to ipalib
- utils/build-galaxy-release.sh: Fix offline default value
- ipaclient_configure_dns_resolver: Return proper changed state
- utils/build-galaxy-release.sh: Enable offline generation for rpm
- ipaserver_prepare: Properly create IPA_DEFAULT_CONF
- ipaserver: Run custodia setup only once
- ipaserver_test: Return generated domain_name
- Fix ca-less test to use X.509 v3 certificates
ansible-freeipa-1.12.1
Highlights in 1.12.1
- Fix ipaserver deployment on CentOS 8 Stream
- Fix ipaclient deployment with automount
- Fix ipaclient OTP error reporting
- Add missing support for renaming groups and users
- Idempotency fixes in several modules
Changes since 1.12.0
- Disable config tests for pac type without ms pac (#1211)
- ipaclient_setup_automount with new install states (#1208)
- ipaclient: Enable SELinux for SSSD (#1207)
- ipaserver: Fix deployment after Bronze-bit fix (#1206)
- ipahbacrule: Fix handling of hbacsvcgroup in members (#1203)
- ipahostgroup: Fix idempotence issues due to capitalization (#1202)
- ipagroup: Fix idempotence issues due to capitalization (#1201)
- Fixes for ansible-lint 6.22.1 (#1195)
- Revert "[TEMP] Enable only idp, service and user module tests" (#1189)
- Bump minimum ansible-lint version to 6.22 (#1188)
- ipaclient: Fix OTP error reporting (#1187)
- test_host_random: No jinja2 templating in conditional statements (#1186)
- upstream ci: Increase timeout for PR tests (#1184)
- ipaidp: Fix validation and reset of parameters (#1183)
- test_pwpolicy: minlength parameter can be reset with empty string now (#1180)
- ipagroup: Add support for renaming groups (#1178)
- ipauser: Add support for renaming users (#1174)
- ipaclient: Properly name automount_location var and add documentation (#1169)
- ipareplica: Support inventory groups.ipaserver (#1151)
- ipauser: Do not try to modify user when not changing password (#1149)
- ipadnszone: Add support for per-zone privilege delegation (#1147)
- Handle data type or empty string in module_utils (#1143)
- ipasudorule: Allow setting groups for runasuser. (#899)
- ipadelegation: Fix idempotence issues due to capitalization. (#760)
Detailed changelog since 1.12.0 by author
2 authors, 31 commits
Rafael Guterres Jeffman (20)
- ipadelegation: Fix idempotence issues due to capitalization.
- ipagroup: Fix idempotence issues due to capitalization
- ipahostgroup: Fix idempotence issues due to capitalization
- ipaserver: Fix deployment after Bronze-bit fix
- ipahbacrule: Fix handling of hbacsvcgroup in members
- ipasudorule: Allow setting groups for runasuser.
- ipagroup: Add support for renaming groups
- tests/group: Use module_defaults on tests_group
- ipauser: Add support for renaming users
- ipadnszone: Add support for per-zone privilege delegation
- idoveridegroup: Use module.params_get_type
- idoverideuser: Use module.params_get_type
- ipapwpolicy: Use modules.params_get_type
- ansible_freeipa_module: Ensure data type when retrieving parameter
- Rename parameter 'allow_empty_string' to 'allow_empty_list_item'
- upstream ci: Increase timeout for PR tests
- Bump minimum ansible-lint version to 6.22
- ipaclient: Fix OTP error reporting
- ipauser: Do not try to modify user when not changing password
- ipareplica: Support inventory groups.ipaserver
Thomas Woerner (11)
- config: Disable config tests due to pac type requirement MS-PAC
- ipaclient_setup_automount: Only return changed if there was a change
- ipaclient_setup_automount with new install states
- ipaclient: Enable SELinux for SSSD
- Fixes for ansible-lint 6.22.1
- Revert "[TEMP] Enable only idp, service and user module tests"
- test_host_random: No jinja2 templating in conditional statements
- [TEMP] Enable only idp, service and user module tests
- ipaidp: Fix validation and reset of parameters
- test_pwpolicy: minlength parameter can be reset with empty string now
- ipaclient: Properly name automount_location var and add documentation
ansible-freeipa-1.12.0
Highlights in 1.12.0
- New idoverridegroup management module.
- New idoverrideuser management module.
- New idview management module.
- New idp management module.
- Bug fixes and CI improvements.
Changes since 1.11.1
- idoverride{user,group}: Fix delete_continue with state absent (#1176)
- ipahost: Remove dangling dns records during test setup (#1173)
- Update ansible-lint and pylint versions (#1170)
- Reproduce upstream CI groups in developer's machine (#1168)
- upstream CI: Pin ansible-lint version to 6.20 series (#1159)
- ipaidview: Fail to apply unknown (invalid) hosts (#1158)
- upstream CI: Pin Python version to 3.11 (#1157)
- hbacsvcgroup: Remove obsolete result_handler (#1156)
- hbacrule: Fix use of builtin sudo hbacsvcgroup (#1155)
- upstream CI: Fix test selection for CheckPR pipeline. (#1148)
- utils/ansible-freeipa.spec.in: Add ref for idoverridegroup management (#1146)
- Revert "upstream ci: Run nightly tests against Ansible 2.9" (#1145)
- Ensure CI runs against the oldest supported Ansible versions. (#1144)
- Do not use "del os.environ" as the variable might not exist (#1142)
- New idoverridegroup management module. (#1141)
- new_module template fixes (#1140)
- New idoverrideuser management module. (#1139)
- spec file: Updated list of modules (#1138)
- Bump Ansible version to 2.13 (#1136)
- New idview management module. (#1134)
- ipacert: Fix revocation example playbook on README (#1133)
- Updated supported distros (#1131)
- upstream ci: fix sanity test ansible lint failures (#1120)
- Bump linter versions. (#1112)
- New idp management module (#1105)
- upstream CI: Build containers in parallel jobs (#1104)
Detailed changelog since 1.11.1 by author
2 authors, 40 commits
Rafael Guterres Jeffman (28)
- ipahost: Remove dangling dns records during test setup
- utils/run-tests.sh: Replicate Azure's test grouping
- Update ansible-lint and pylint versions
- upstream CI: Build containers in parallel jobs
- upstream ci: Run PR tests using a single job.
- upstream ci: Use a single random seed for spliting tests
- upstream CI: Fix test selection for CheckPR pipeline.
- upstream CI: Pin ansible-lint version to 6.20 series
- upstream CI: Pin Python version to 3.11
- Revert "upstream ci: Run nightly tests against Ansible 2.9"
- upstream ci: Run nightly tests against Ansible 2.9
- upstream ci: Run PR checks against the oldest supported ansible-core
- pylint: Fix redefined-builtin
- pylint: Fix unused-argument
- ci: Bump pylint version
- development: Bump versions of development checks
- pylint: Unnecessary parens after '=' keyword
- Change 'Exception' to 'RuntimeError' when FreeIPA version is too old
- pylint: Disable broad exception warnings
- pylint: Fix warning 'unnecessary "else" after "return"'
- pylint: Disable warning when using non-literal dict
- spec file: Updated list of modules
- ansible-freeipa: Bump minimum supported Ansible version to 2.13
- README-*: Bump minimum supported Ansible version to 2.13
- roles: Bump minimum Ansible version to 2.13
- ansible-lint: Use the same command line as galaxy-importer
- ipacert: Fix revocation example playbook on README
- Updated supported distros
Thomas Woerner (12)
- idoverride{user,group}: Fix delete_continue with state absent
- ipaidview: Fail to apply unknown (invalid) hosts
- hbacsvcgroup: Remove obsolete result_handler
- hbacrule: Fix use of builtin sudo hbacsvcgroup
- utils/ansible-freeipa.spec.in: Add ref for idoverridegroup management
- New idp management module
- New idoverridegroup management module.
- New idoverrideuser management module.
- Do not use "del os.environ" as the variable might not exist
- utils/templates/ipamodule*.py.in: Fix superfluous type in argument spec
- utils/templates/test_module_client_context.yml.in: Fix FQDN issue
- New idview management module.
ansible-freeipa-1.11.1
Highlights in 1.11.1
- Support for GECOS, street, smb and idp attributes in ipauser module
- Support for indirect maps in ipaautomountmap module
- Update of user_auth_type choices in ipaconfig and ipauser modules
- Update of auth_ind choices in ipahost and ipaservice modules
- Upstream test and environment enhancements
- Documentation updates
Changes since 1.11.0
- ci: Increase verbosity for Ansible playbook runs (#1123)
- ansible_freeipa_module: Fix ipa_command_invalid_param_choices (#1122)
- Update authtypes authind readmes (#1119)
- Update authtypes authind (#1118)
- ipaserver: Update README with detailed Ubuntu support (#1117)
- utils/run-tests.sh: Install Ansible collections on virtual environment (#1116)
- Remove dependency on 'virtualenv' (#1114)
- Singular to plural on random serial numbers setting (#1106)
- upstream CI: Update ansible-core version (#1100)
- doc: Differentiate location meaning between host and server (#1098)
- Fix handling of ipapwpolicy attributes usercheck and dictcheck (#1076)
- ipaautomountmap: add support for indirect maps (#1075)
- ipauser: Add support for SMB attributes. (#1056)
- ipauser: Support for External IdP attributes. (#1055)
- ipauser: Add support for parameter "street" (#1044)
- ipauser: Add support to modify GECOS field. (#1039)
Detailed changelog since 1.11.0 by author
3 authors, 25 commits
Rafael Guterres Jeffman (14)
- ci: Increase verbosity for Ansible playbook runs
- ipauser: Support for External IdP attributes.
- ipaserver: Update README with detailed Ubuntu support
- ipaautomountmap: add support for indirect maps
- utils/run-tests.sh: Install Ansible collections on virtual environment
- ipauser: Add support for SMB attributes.
- doc: Differentiate location meaning between host and server
- Remove dependency on 'virtualenv'
- ipauser: Add support for parameter "street"
- ipapwpolicy: Updated module documentation.
- ipapwpolicy: Modify handling of usercheck and dictcheck
- module_utils: Export Ansible's 'boolean' parsing function.
- ipauser: Add support to modify GECOS field.
- upstream CI: Update ansible-core version
Renich Bon Ciric (1)
- Singular to plural on random serial numbers setting
Thomas Woerner (10)
- ansible_freeipa_module: Fix ipa_command_invalid_param_choices
- README-user.md: Add choices pkinit, hardened and idp to user_auth_type
- README-service.md: Add choice idp to auth_ind
- README-host.md: Add choice idp to auth_ind
- README-config.md: Add choices pkinit, hardened and idp to user_auth_type
- ipauser: Add choices pkinit, hardened and idp to user_auth_type
- ipaservice: Add choice idp to auth_ind
- ipahost: Add choice idp to auth_ind
- ipaconfig: Add choices pkinit, hardened and idp to user_auth_type
- ansible_freeipa_module: New ipa_command_invalid_param_choices method
ansible-freeipa-1.11.0
Highlights in 1.11.0
- Multiple service management with ipaservice module
- New ipacert module for certificate management
- Action group support for the Ansible collections on Ansible Galaxy and Ansible AutomationHub
- Fixed maxsequence handling in ipapwpolicy module
- Even more Ansible lint driven changes
Changes since 1.10.0
- Multiple service management (#1101)
- Don't allow the FQDN to match the domain on server installs (#1099)
- upstream CI: Disable ansible-lint var-naming check (#1097)
- Upstream CI: Disable execution of pytest tests (#1094)
- tests/azure/templates/build_container.yml: Quote requests with version (#1092)
- Pin requests to < 2.29 temporarily (#1089)
- Fix new ansible lint disallowes ignores (#1088)
- tests/azure: Install molecule-plguins to get docker driver (#1083)
- pwpolicy test: Fix maxsequence test (#1082)
- Fix typo in ipapwpolicy.py (#1081)
- Create action group in collection for use with module_defaults (#1080)
- ipapwpolicy: simplified and faster attribute verification (#1078)
- Make Git ignore temporary and output files. (#1077)
- Fixes and enhancements for utils/new_module and templates (#1035)
- ipacert module (#687)
Detailed changelog since 1.10.0 by author
5 authors, 30 commits
Denis Karpelevich (1)
- Allow multiple services creation
Jacob Cutright (1)
- Fix typo in ipapwpolicy.py
Rafael Guterres Jeffman (6)
- Don't allow the FQDN to match the domain on server installs
- upstream CI: Disable ansible-lint var-naming check
- Upstream CI: Disable execution of pytest tests.
- Make Git ignore temporary and output files.
- utils/new_module: Ensure correct number of parameters for new_module
- ipapwpolicy: simplified and faster attribute verification
Sam Morris (1)
- New certificate management module.
Thomas Woerner (21)
- pwpolicy test: Fix maxsequence test
- ipaservice: Updated and new tests for certificates and multi service handling
- ipaservice: Add Denis Karpelevich to the authors header
- ipaservice: Properly Handle certs with leading or trailing white space
- tests/azure/templates/build_container.yml: Quote requests with version
- ansible_freeipa_module.py: Calm down ansible-test on print and sys.exit
- ipaserver_test.py: Add missing default for random_serial_numbers
- ansible-test: Do not use automatic field numbering specification
- Use "#!/usr/bin/env python" for python shebang
- Add -eu to all bash shebangs
- Remove old or empty sanity ignore files
- Pin requests to < 2.29 temporarily
- tests/azure: Install molecule-plguins to get docker driver
- utils/templates/test_module*.yml.in: Use generic module_defaults
- utils/templates/test_module*.yml.in: Better docs for become and gather_facts
- utils/templates/{README*.md.in,test_module*.yml.in}: Use true and false
- utils/build-galaxy-release.sh: Create module action group
- utils/galaxyfy.py: Handle module_defaults, match roles and modules
- New utils/facts.py: Provide facts about the repo like role and module lists
- utils/templates/ipamodule.py.in: Add missing bracket
- utils/new_module: Fix github_user test
ansible-freeipa-1.10.0
Highlights in 1.10.0
- ipagroup: Allow multiple group management.
- ipaclient: Add subid option to select the sssd profile with-subid.
- ipaclient: Fix allow_repair with removed krb5.conf and DNS lookup.
- ipaclient: Keep server affinity while deploying by deferring the creation the final krb5.conf.
- ipaserver: Allow deployments with random serial numbers.
- ipareplica/server: Enable removal from domain with undeployment.
- More Ansible lint fixes.
Changes since 1.9.2
- ipaserver: Do not enable random serial numbers by default (#1073)
- ipagroup: Fix ensuring external group group members (without trust-ad) (#1072)
- Ansible lint fixes (#1069)
- ipareplica/server: Enable removal from domain with undeployment (#1068)
- ipaclient: Defer krb5 configuration fix (#1067)
- ipareplica role: Remove usage of undefined parameters. (#1062)
- roles/ipaserver: Allow deployments with random serial numbers (#1060)
- ipahost: Make return value depending on hosts parameter (#1058)
- ipauser: Make return value depending on users parameter (#1053)
- Migrated to SPDX license. (#1051)
- ipaclient: Defer creating the final krb5.conf on clients (#1050)
- Update
EXAMPLE
sections for multiuser and multihost handling. (#1047) - Fix ansible-lint on tests (#1046)
- ipauser: Better description of UID and GID parameters (#1045)
- ipaclient: Fix allow_repair with removed krb5.conf and DNS lookup (#1037)
- [RFE] Allow multiple groups creation (#1001)
- Add subid option to select the sssd profile with-subid. (#974)
Detailed changelog since 1.9.2 by author
3 authors, 26 commits
Denis Karpelevich (3)
- [RFE] Allow multiple groups creation.
- Add subid option to select the sssd profile with-subid.
- Update
EXAMPLE
sections for multiuser and multihost handling.
Rafael Guterres Jeffman (8)
- roles/ipaserver: Allow deployments with random serial numbers
- ipareplica role: Remove usage of undefined parameters.
- Migrated to SPDX license.
- ipauser: Better description of UID and GID parameters
- ansible-lint: License must be defined as a list.
- ansible-lint: Fixed dangling 'when' clause.
- ansible-lint: Fix key order on upstream tests
- ansible-lint: Use 'missing-import' instead of '505'
Thomas Woerner (15)
- ipaserver: Do not enable random serial numbers by default
- ipagroup: Handle ensuring groups with mixed types without IPA fix 6741
- ipagroup: Fix ensuring external group group members (without trust-ad)
- ipareplica/server: Enable removal from domain with undeployment
- tests/config/test_config_sid: Mark tasks as noqa 503
- ipareplica/server: Always cleanup root IPA cache
- ipaclient_configure_dns_resolver: Removed bad aliases
- ipapwpolicy: The alias for usercheck in argument_spec had typo
- ipanetgroup: Missing type for action and state DOCUMENTATION section
- ipaclient: ipaclient_fix_ca also needs krb_name parameter
- ipaclient: ipaclient_setup_nss also needs krb_name parameter
- ipahost: Make return value depending on hosts parameter
- ipauser: Make return value depending on users parameter
- ipaclient: Defer creating the final krb5.conf on clients
- ipaclient: Fix allow_repair with removed krb5.conf and DNS lookup