Bug 2046325

Summary: Document that in 8.6 and 9.0, the ipadnsconfig module requires action: member to exclude a global forwarder
Product: Red Hat Enterprise Linux 8 Reporter: Filip Hanzelka <fhanzelk>
Component: DocumentationAssignee: Filip Hanzelka <fhanzelk>
Documentation sub component: default QA Contact: RHEL DPM <rhel-docs>
Status: CLOSED WORKSFORME Docs Contact: Filip Hanzelka <fhanzelk>
Severity: unspecified    
Priority: medium CC: davozeni, gfialova, jvilicic, rhel-docs, rjeffman
Version: 8.6Keywords: Documentation
Target Milestone: rcFlags: pm-rhel: mirror+
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
.The `ipadnsconfig` module now requires `action: member` to exclude a global forwarder With this update, excluding global forwarders in Identity Management (IdM) by using the `ansible-freeipa` `ipadnsconfig` module requires using the `action: member` option in addition to the `state: absent` option. If you only use `state: absent` in your playbook without also using `action: member`, the playbook fails. Consequently, to remove all global forwarders, you must specify all of them individually in the playbook. In contrast, the `state: present` option does not require `action: member`.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2022-01-31 15:37:22 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Filip Hanzelka 2022-01-26 15:42:29 UTC 
Based on communication from the SME Rafael Jeffman, there is a behavior change in ipadnsconfig affecting docs:

""""
In upcoming RHEL releases (both 8.6 and 9.0) a fix for
ansible-freeipa's ipadnsconfig module has forced a change
in the documented behavior.

The affected sections are 81.8 [1] and 81.9 [1].

The new behavior requires the use of 'action: member' to
exclude a global forwarder. If a user want to keep the current
configuration but "add" (actually ensure presence of) a new
forwarder 'action: member' should also be used.

As neither version is public yet, there is no issue with publicly
available documentation, but there will be a "bug" in the docs
as soon as the new versions are released.

[1]: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_identity_management/managing-dns-forwarding-in-idm_configuring-and-managing-idm#ensuring-the-presence-of-a-dns-global-forwarder-in-idm-using-ansible_managing-dns-forwarding-in-idm
[2]: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_identity_management/managing-dns-forwarding-in-idm_configuring-and-managing-idm#ensuring-the-absence-of-a-dns-global-forwarder-in-idm-using-ansible_managing-dns-forwarding-in-idm
""""

We have agreed that both a release note and an update of the product docs are appropriate: this BZ is to track this effort.