Bug 1836287
| Summary: | [ansible-freeipa] Not able to add more than one auth_ind in the service module | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Varun Mylaraiah <mvarun> |
| Component: | ansible-freeipa | Assignee: | Rafael Jeffman <rjeffman> |
| Status: | CLOSED ERRATA | QA Contact: | ipa-qe <ipa-qe> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 8.3 | CC: | rjeffman, twoerner |
| Target Milestone: | rc | Flags: | pm-rhel:
mirror+
|
| Target Release: | 8.0 | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | ansible-freeipa-0.1.11-1 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-11-04 02:46:35 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
There is an upstream PR for the issue: https://github.com/freeipa/ansible-freeipa/pull/290 Upstream PR was merged. Verified
ansible-freeipa-0.1.12-5.el8.noarch
Automation test result:
ansible-freeipa-tests/ansible_freeipa_tests/service_module.py::TestServiceWithAuthInd::()::test_service_update_with_all_authind
------------------------------ Captured log call -------------------------------
channel.py 1212 DEBUG [chan 27] Max packet in: 32768 bytes
channel.py 1212 DEBUG [chan 27] Max packet out: 32768 bytes
transport.py 1819 DEBUG Secsh channel 27 opened.
transport.py 318 INFO RUN ['kinit', 'admin']
transport.py 519 DEBUG RUN ['kinit', 'admin']
channel.py 1212 DEBUG [chan 27] Sesch channel 27 request ok
transport.py 563 DEBUG -bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py 563 DEBUG -bash: line 2: /root/multihost_tests/env.sh: No such file or directory
transport.py 563 DEBUG Password for admin:
channel.py 1212 DEBUG [chan 27] EOF received (27)
channel.py 1212 DEBUG [chan 27] EOF sent (27)
transport.py 217 DEBUG Exit code: 0
channel.py 1212 DEBUG [chan 28] Max packet in: 32768 bytes
channel.py 1212 DEBUG [chan 28] Max packet out: 32768 bytes
transport.py 1819 DEBUG Secsh channel 28 opened.
transport.py 318 INFO RUN ['ipa', 'service-find']
transport.py 519 DEBUG RUN ['ipa', 'service-find']
channel.py 1212 DEBUG [chan 28] Sesch channel 28 request ok
transport.py 563 DEBUG -bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py 563 DEBUG -bash: line 2: /root/multihost_tests/env.sh: No such file or directory
transport.py 563 DEBUG ------------------
transport.py 563 DEBUG 6 services matched
transport.py 563 DEBUG ------------------
transport.py 563 DEBUG Principal name: 19newservice/master.ipadomain.test
transport.py 563 DEBUG Principal alias: 19newservice/master.ipadomain.test
transport.py 563 DEBUG Authentication Indicators: otp
transport.py 563 DEBUG Keytab: False
transport.py 563 DEBUG
transport.py 563 DEBUG Principal name: DNS/master.ipadomain.test
transport.py 563 DEBUG Principal alias: DNS/master.ipadomain.test
transport.py 563 DEBUG Keytab: True
transport.py 563 DEBUG
transport.py 563 DEBUG Principal name: HTTP/master.ipadomain.test
transport.py 563 DEBUG Principal alias: HTTP/master.ipadomain.test
transport.py 563 DEBUG Certificate: MIIFYDCCA8igAwIBAgIBCTANBgkqhkiG9w0BAQsFADA5MRcwFQYDVQQKDA5JUEFET01BSU4uVEVTVDEeMBwGA1UEAwwVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTIwMDcyMjExNDAzNFoXDTIyMDcyMzExNDAzNFowOTEXMBUGA1UECgwOSVBBRE9NQUlOLlRFU1QxHjAcBgNVBAMMFW1hc3Rlci5pcGFkb21haW4udGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALZ3lzxqLD8lIJnaqG6q1Vs2QKsPr+FS2lfORt4shuMp1ukdXtGBv9yzZtb4fNry468mKVIywi9h5EbelyDeQfRa8t3q6v7NrSwK5uMK+S4Y0pfZ4wYULfbeCP5Bht92yPUjDpd/qaf41JW8Iv68QgHSC8PY4knxuJx6Gb1H/YTotqtvwAqAUvIXpJeLldVCmg+4QWyCuOK9DvzQERGkSbRbGH9h/aH6DjKVk2bOymNaaPGF69n4HJKbz9qtYiHzOfpDCTajeEWTOzPUzKo2NUuP5DjSgLMnCumX+pg4p5NKnHv2NRp3XROQ5dyK33DkEgTTfCwRmUWWdL/PFVGm30sCAwEAAaOCAfEwggHtMB8GA1UdIwQYMBaAFFr/2hP13BvNWzfhsPX5gLt0Z5IeMEAGCCsGAQUFBwEBBDQwMjAwBggrBgEFBQcwAYYkaHR0cDovL2lwYS1jYS5pcGFkb21haW4udGVzdC9jYS9vY3NwMA4GA1UdDwEB/wQEAwIE8DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIweQYDVR0fBHIwcDBuoDagNIYyaHR0cDovL2lwYS1jYS5pcGFkb21haW4udGVzdC9pcGEvY3JsL01hc3RlckNSTC5iaW6iNKQyMDAxDjAMBgNVBAoMBWlwYWNhMR4wHAYDVQQDDBVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHQYDVR0OBBYEFB/tleiB7dtMuQg4mwbC9yxc0VLhMIG+BgNVHREEgbYwgbOCFW1hc3Rlci5pcGFkb21haW4udGVzdIIVaXBhLWNhLmlwYWRvbWFpbi50ZXN0oDkGCisGAQQBgjcUAgOgKwwpSFRUUC9tYXN0ZXIuaXBhZG9tYWluLnRlc3RASVBBRE9NQUlOLlRFU1SgSAYGKwYBBQICoD4wPKAQGw5JUEFET01BSU4uVEVTVKEoMCagAwIBAaEfMB0bBEhUVFAbFW1hc3Rlci5pcGFkb21haW4udGVzdDANBgkqhkiG9w0BAQsFAAOCAYEAFtVBZ8OIjPdPr3cGF1GSjksFzqebAZ14gkr4mcnpasUxzI+wEk9Tox5IHoLdWQitR8bns9jcyhlVL5pGgDafVR87sXmDtoWi4a/ZudXIhpeh5ZThOKwv4cGSnlPLArgEzcJJmVD2i1Huid2rV+8r1EpIjg16W+Yov6milTRxZvqgy+0eY/MWn/XII2gsbiBnt6hxPwJhGy4FAVe62gS7iti+Q70GC7aQ/wnSmWmQk6SeBXdYsZQqSG510tPDivqn4/Z89SUX22ozqxFlm5wUp0OTRVQ5jZJJm1UtySOQaK7qxUdHyIWAEraG5J/DQ5+zuvnzmUfi0nLRkUz8nk/XWTKOYAzcwJ06ymZRLfYiFuvGu++YZFrk7Eiv20uL9ThuQS+HPdN/nOblMfpppBJyLYz7JXy41gHhRyuU3wnX9A6BGfd0UCEJAXxvpFhoWW0aPVypX0jV4j57q4++nnDmg4o4YAYEQx0cngs3tgUmbLO9za0rab14wJvDOfXwAkeN
transport.py 563 DEBUG Subject: CN=master.ipadomain.test,O=IPADOMAIN.TEST
transport.py 563 DEBUG Serial Number: 9
transport.py 563 DEBUG Serial Number (hex): 0x9
transport.py 563 DEBUG Issuer: CN=Certificate Authority,O=IPADOMAIN.TEST
transport.py 563 DEBUG Not Before: Wed Jul 22 11:40:34 2020 UTC
transport.py 563 DEBUG Not After: Sat Jul 23 11:40:34 2022 UTC
transport.py 563 DEBUG Fingerprint (SHA1): e4:f0:71:87:a0:4e:24:dd:ac:73:5c:78:20:78:fd:91:a2:6e:78:16
transport.py 563 DEBUG Fingerprint (SHA256): 3f:38:4a:df:96:8a:44:0d:b8:a9:bd:73:10:ae:f7:8f:b9:2c:ac:31:50:f8:d1:4e:20:60:7e:f7:5a:5b:ad:9d
transport.py 563 DEBUG Keytab: True
transport.py 563 DEBUG
transport.py 563 DEBUG Principal name: dogtag/master.ipadomain.test
transport.py 563 DEBUG Principal alias: dogtag/master.ipadomain.test
transport.py 563 DEBUG Keytab: True
transport.py 563 DEBUG
transport.py 563 DEBUG Principal name: ipa-dnskeysyncd/master.ipadomain.test
transport.py 563 DEBUG Principal alias: ipa-dnskeysyncd/master.ipadomain.test
transport.py 563 DEBUG Keytab: True
transport.py 563 DEBUG
transport.py 563 DEBUG Principal name: ldap/master.ipadomain.test
transport.py 563 DEBUG Principal alias: ldap/master.ipadomain.test
transport.py 563 DEBUG Certificate: MIIFSTCCA7GgAwIBAgIBCDANBgkqhkiG9w0BAQsFADA5MRcwFQYDVQQKDA5JUEFET01BSU4uVEVTVDEeMBwGA1UEAwwVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTIwMDcyMjExMzk1OVoXDTIyMDcyMzExMzk1OVowOTEXMBUGA1UECgwOSVBBRE9NQUlOLlRFU1QxHjAcBgNVBAMMFW1hc3Rlci5pcGFkb21haW4udGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMo8qJO0Kgm1cfYWk9w0AnRQX0c29G55Rxo1I6s1Qs6e8JGdRDhZcl3aDI0tik5FJ0jWAfKA0mRNqV/NkA7F7kgy9V42TKUz/CFuU3v3P4sbitqc2FN1KVTzjYurse28rJVt7ZGFul+fT9xYjsY3OUL6OJzEmQGRSwPZ+7PMlViOW1cQF83HgOIFgMZNJ6342VFq4aCzWWdahG61NkLabrJP4l4t5Zq5fj9F5br1Nw0nULmw86W9Ca3NaUkYA0TU6FU2fvGuegEK4IJ6ugOgNrJJyHhPKXH1dn/+dMQIxZYvjXNwJg8Yye+qZW+hEifz8iRTlnCdWPP8Lz3yuh233xkCAwEAAaOCAdowggHWMB8GA1UdIwQYMBaAFFr/2hP13BvNWzfhsPX5gLt0Z5IeMEAGCCsGAQUFBwEBBDQwMjAwBggrBgEFBQcwAYYkaHR0cDovL2lwYS1jYS5pcGFkb21haW4udGVzdC9jYS9vY3NwMA4GA1UdDwEB/wQEAwIE8DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIweQYDVR0fBHIwcDBuoDagNIYyaHR0cDovL2lwYS1jYS5pcGFkb21haW4udGVzdC9pcGEvY3JsL01hc3RlckNSTC5iaW6iNKQyMDAxDjAMBgNVBAoMBWlwYWNhMR4wHAYDVQQDDBVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHQYDVR0OBBYEFG9jYvNNMbP3d8iiwixK6XSFWUUBMIGnBgNVHREEgZ8wgZyCFW1hc3Rlci5pcGFkb21haW4udGVzdKA5BgorBgEEAYI3FAIDoCsMKWxkYXAvbWFzdGVyLmlwYWRvbWFpbi50ZXN0QElQQURPTUFJTi5URVNUoEgGBisGAQUCAqA+MDygEBsOSVBBRE9NQUlOLlRFU1ShKDAmoAMCAQGhHzAdGwRsZGFwGxVtYXN0ZXIuaXBhZG9tYWluLnRlc3QwDQYJKoZIhvcNAQELBQADggGBABKJqyxjlPOsSq98NpO4Vs1WCPUAFwKKRc/4yX7IAkzLFC3Un/k0kHIybfHFth+dYUUdeZhYhPGVrbeV6t5ubUQfmWiysJhIMT4wkYAVyIQU9xwXgDo94ck/0t4HPlr0lfVdsb7BJse+kXRS+uLZnIty97UINYlpmftloyNQ3LZMCbgdBmImd9/wSR4w+kfJfbh9BYbP6VQ8zy+gvRS+uVxVjsXogDRuGXf2mwYKD5I+WUgcurQXYLC7nTfW8Mt1A31AEezcWQN+tUjJMJh/5kksCmryBE8TNej7pHtyyyM58uLr1FGMzWgRE879b5N2zLcGkxFRzPCp586728LE3qhu1hM7eSf9FuesTXlWfOhk7x9Sk56RikgIU5j6qIDKWNxccmsSsAQwsP7PldoTIbHnttup5S2A8C6Ys/8BktF82t5gRmq6vD7CtX2i588qU7TnedhQhxIUH5y02qlNuyV4IBcbqEkkxToVA9keQO4mMdKxBb+v/lVKAHZh+ymtMQ==
transport.py 563 DEBUG Subject: CN=master.ipadomain.test,O=IPADOMAIN.TEST
transport.py 563 DEBUG Serial Number: 8
transport.py 563 DEBUG Serial Number (hex): 0x8
transport.py 563 DEBUG Issuer: CN=Certificate Authority,O=IPADOMAIN.TEST
transport.py 563 DEBUG Not Before: Wed Jul 22 11:39:59 2020 UTC
transport.py 563 DEBUG Not After: Sat Jul 23 11:39:59 2022 UTC
transport.py 563 DEBUG Fingerprint (SHA1): a6:45:c4:34:28:ce:ad:68:f1:fc:9a:25:66:96:ea:ea:ae:d1:f7:a3
transport.py 563 DEBUG Fingerprint (SHA256): f3:b9:ac:d1:11:60:ab:4f:be:97:d2:0d:2d:87:4f:a1:10:5d:e2:13:2f:85:8c:e6:8b:5b:bf:c7:38:55:78:2a
transport.py 563 DEBUG Keytab: True
transport.py 563 DEBUG ----------------------------
transport.py 563 DEBUG Number of entries returned 6
transport.py 563 DEBUG ----------------------------
channel.py 1212 DEBUG [chan 28] EOF received (28)
channel.py 1212 DEBUG [chan 28] EOF sent (28)
transport.py 217 DEBUG Exit code: 0
channel.py 1212 DEBUG [chan 29] Max packet in: 32768 bytes
channel.py 1212 DEBUG [chan 29] Max packet out: 32768 bytes
transport.py 1819 DEBUG Secsh channel 29 opened.
transport.py 318 INFO RUN ['kdestroy', '-A']
transport.py 519 DEBUG RUN ['kdestroy', '-A']
channel.py 1212 DEBUG [chan 29] Sesch channel 29 request ok
transport.py 563 DEBUG -bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py 563 DEBUG -bash: line 2: /root/multihost_tests/env.sh: No such file or directory
channel.py 1212 DEBUG [chan 29] EOF received (29)
channel.py 1212 DEBUG [chan 29] EOF sent (29)
transport.py 217 DEBUG Exit code: 0
transport.py 293 INFO WRITE inventory/service.hosts
sftp.py 158 DEBUG [chan 0] open(b'inventory/service.hosts', 'wb')
sftp.py 158 DEBUG [chan 0] open(b'inventory/service.hosts', 'wb') -> 00000000
sftp.py 158 DEBUG [chan 0] close(00000000)
transport.py 329 INFO PUT service_module.yml
sftp.py 158 DEBUG [chan 0] open(b'service_module.yml', 'wb')
sftp.py 158 DEBUG [chan 0] open(b'service_module.yml', 'wb') -> 00000000
sftp.py 158 DEBUG [chan 0] close(00000000)
sftp.py 158 DEBUG [chan 0] stat(b'service_module.yml')
channel.py 1212 DEBUG [chan 6] Max packet in: 32768 bytes
channel.py 1212 DEBUG [chan 6] Max packet out: 32768 bytes
transport.py 1819 DEBUG Secsh channel 6 opened.
transport.py 318 INFO RUN ['ansible-playbook', '--ssh-extra-args="-o StrictHostKeyChecking=no"', '-vv', '-i', 'inventory/service.hosts', 'service_module.yml']
transport.py 519 DEBUG RUN ['ansible-playbook', '--ssh-extra-args="-o StrictHostKeyChecking=no"', '-vv', '-i', 'inventory/service.hosts', 'service_module.yml']
channel.py 1212 DEBUG [chan 6] Sesch channel 6 request ok
transport.py 563 DEBUG -bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py 563 DEBUG -bash: line 2: /root/multihost_tests/env.sh: No such file or directory
transport.py 563 DEBUG ansible-playbook 2.9.11
transport.py 563 DEBUG config file = /root/ansible.cfg
transport.py 563 DEBUG configured module search path = ['/root/ansible-freeipa/plugins/modules', '/usr/share/ansible/plugins/modules']
transport.py 563 DEBUG ansible python module location = /usr/lib/python3.6/site-packages/ansible
transport.py 563 DEBUG executable location = /usr/bin/ansible-playbook
transport.py 563 DEBUG python version = 3.6.8 (default, Jun 26 2020, 12:10:09) [GCC 8.3.1 20191121 (Red Hat 8.3.1-5)]
transport.py 563 DEBUG Using /root/ansible.cfg as config file
transport.py 563 DEBUG
transport.py 563 DEBUG PLAYBOOK: service_module.yml ***************************************************
transport.py 563 DEBUG 1 plays in service_module.yml
transport.py 563 DEBUG
transport.py 563 DEBUG PLAY [Playbook to ensure service is present with Auth_ind OTP, Radius, pkinit, hardened.] ***
transport.py 563 DEBUG
transport.py 563 DEBUG TASK [Gathering Facts] *********************************************************
transport.py 563 DEBUG task path: /root/service_module.yml:2
transport.py 563 DEBUG ok: [master.ipadomain.test]
transport.py 563 DEBUG META: ran handlers
transport.py 563 DEBUG
transport.py 563 DEBUG TASK [Get Domain from server name] *********************************************
transport.py 563 DEBUG task path: /root/service_module.yml:6
transport.py 563 DEBUG ok: [master.ipadomain.test] => {"ansible_facts": {"ipaserver_domain": "ipadomain.test"}, "changed": false}
transport.py 563 DEBUG
transport.py 563 DEBUG TASK [Get Realm from server name] **********************************************
transport.py 563 DEBUG task path: /root/service_module.yml:9
transport.py 563 DEBUG ok: [master.ipadomain.test] => {"ansible_facts": {"ipaserver_realm": "IPADOMAIN.TEST"}, "changed": false}
transport.py 563 DEBUG
transport.py 563 DEBUG TASK [ipaservice] **************************************************************
transport.py 563 DEBUG task path: /root/service_module.yml:13
transport.py 563 DEBUG changed: [master.ipadomain.test] => {"changed": true}
transport.py 563 DEBUG META: ran handlers
transport.py 563 DEBUG META: ran handlers
transport.py 563 DEBUG
transport.py 563 DEBUG PLAY RECAP *********************************************************************
transport.py 563 DEBUG master.ipadomain.test : ok=4 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
transport.py 563 DEBUG
channel.py 1212 DEBUG [chan 6] EOF received (6)
channel.py 1212 DEBUG [chan 6] EOF sent (6)
transport.py 217 DEBUG Exit code: 0
channel.py 1212 DEBUG [chan 30] Max packet in: 32768 bytes
channel.py 1212 DEBUG [chan 30] Max packet out: 32768 bytes
transport.py 1819 DEBUG Secsh channel 30 opened.
transport.py 318 INFO RUN ['kinit', 'admin']
transport.py 519 DEBUG RUN ['kinit', 'admin']
channel.py 1212 DEBUG [chan 30] Sesch channel 30 request ok
transport.py 563 DEBUG -bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py 563 DEBUG -bash: line 2: /root/multihost_tests/env.sh: No such file or directory
transport.py 563 DEBUG Password for admin:
channel.py 1212 DEBUG [chan 30] EOF received (30)
channel.py 1212 DEBUG [chan 30] EOF sent (30)
transport.py 217 DEBUG Exit code: 0
channel.py 1212 DEBUG [chan 31] Max packet in: 32768 bytes
channel.py 1212 DEBUG [chan 31] Max packet out: 32768 bytes
transport.py 1819 DEBUG Secsh channel 31 opened.
transport.py 318 INFO RUN ['ipa', 'service-find', '19newservice']
transport.py 519 DEBUG RUN ['ipa', 'service-find', '19newservice']
channel.py 1212 DEBUG [chan 31] Sesch channel 31 request ok
transport.py 563 DEBUG -bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py 563 DEBUG -bash: line 2: /root/multihost_tests/env.sh: No such file or directory
transport.py 563 DEBUG -----------------
transport.py 563 DEBUG 1 service matched
transport.py 563 DEBUG -----------------
transport.py 563 DEBUG Principal name: 19newservice/master.ipadomain.test
transport.py 563 DEBUG Principal alias: 19newservice/master.ipadomain.test
transport.py 563 DEBUG Authentication Indicators: otp, radius, pkinit, hardened
transport.py 563 DEBUG Keytab: False
transport.py 563 DEBUG ----------------------------
transport.py 563 DEBUG Number of entries returned 1
transport.py 563 DEBUG ----------------------------
channel.py 1212 DEBUG [chan 31] EOF received (31)
channel.py 1212 DEBUG [chan 31] EOF sent (31)
transport.py 217 DEBUG Exit code: 0
channel.py 1212 DEBUG [chan 32] Max packet in: 32768 bytes
channel.py 1212 DEBUG [chan 32] Max packet out: 32768 bytes
transport.py 1819 DEBUG Secsh channel 32 opened.
transport.py 318 INFO RUN ['kdestroy', '-A']
transport.py 519 DEBUG RUN ['kdestroy', '-A']
channel.py 1212 DEBUG [chan 32] Sesch channel 32 request ok
transport.py 563 DEBUG -bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py 563 DEBUG -bash: line 2: /root/multihost_tests/env.sh: No such file or directory
channel.py 1212 DEBUG [chan 32] EOF received (32)
channel.py 1212 DEBUG [chan 32] EOF sent (32)
transport.py 217 DEBUG Exit code: 0
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (ansible-freeipa bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2020:4663 |
Description of problem: Not able to add more than one auth_ind in the ansible-freeipa service module Version-Release number of selected component (if applicable): ansible-freeipa-0.1.10-1.el8.noarch Steps to Reproduce: [root@ansible ~]# cat 03_1.yaml --- - name: Playbook to manage IPA service. hosts: ipaserver become: true gather_facts: false tasks: - name: Get Domain from server name set_fact: ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}" - name: Get Realm from server name set_fact: ipaserver_realm: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') | upper }}" # Ensure testing service - ipaservice: ipaadmin_password: <xxxxxxxxxxx> name: "{{'myservice3/master.' + ipaserver_domain + '@' + ipaserver_realm }}" auth_ind: radius,otp,pkinit,hardened [root@ansible ~]# ansible-playbook -vv -i inventory/server.hosts 03_1.yaml ansible-playbook 2.9.7 config file = /root/ansible.cfg configured module search path = ['/root/ansible-freeipa/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.6/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 3.6.8 (default, Apr 3 2020, 16:09:51) [GCC 8.3.1 20191121 (Red Hat 8.3.1-5)] Using /root/ansible.cfg as config file PLAYBOOK: 03_1.yaml ******************************************************************************************************************************* 1 plays in 03_1.yaml PLAY [Playbook to manage IPA service.] ************************************************************************************************************ META: ran handlers TASK [Get Domain from server name] **************************************************************************************************************** task path: /root/03_1.yaml:8 ok: [master.ipadomain.test] => {"ansible_facts": {"ipaserver_domain": "ipadomain.test"}, "changed": false} TASK [Get Realm from server name] ***************************************************************************************************************** task path: /root/03_1.yaml:11 ok: [master.ipadomain.test] => {"ansible_facts": {"ipaserver_realm": "IPADOMAIN.TEST"}, "changed": false} TASK [ipaservice] ********************************************************************************************************************************* task path: /root/03_1.yaml:15 fatal: [master.ipadomain.test]: FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": false, "msg": "value of auth_ind must be one of: otp, radius, pkinit, hardened, got: radius,otp,pkinit,hardened"} PLAY RECAP **************************************************************************************************************************************** master.ipadomain.test : ok=2 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0 Actual results: Currently accepts only one auth_ind Error: changed": false, "msg": "value of auth_ind must be one of: otp, radius, pkinit, hardened, got: radius,otp,pkinit,hardened" Expected results: It should accept multiple auth_ind.