diff --git a/tests/vault/test_vault_symmetric.yml b/tests/vault/test_vault_symmetric.yml
index bedc221dd7701c69715953215673b987b94d00cd..929433193ad1afe10452bd34ae082c31a02cd745 100644
--- a/tests/vault/test_vault_symmetric.yml
+++ b/tests/vault/test_vault_symmetric.yml
@@ -178,6 +178,15 @@
     register: result
     failed_when: result.vault.data != 'Hello World.' or result.changed
 
+  - name: Retrieve data from symmetric vault, with wrong password.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: symvault
+      password: SomeWRONGpassword
+      state: retrieved
+    register: result
+    failed_when: not result.failed or "Invalid credentials" not in result.msg
+
   - name: Change vault password.
     ipavault:
       ipaadmin_password: SomeADMINpassword
@@ -187,43 +196,44 @@
     register: result
     failed_when: not result.changed
 
-  - name: Retrieve data from symmetric vault, with wrong password.
+  - name: Retrieve data from symmetric vault, with new password.
     ipavault:
       ipaadmin_password: SomeADMINpassword
       name: symvault
-      password: SomeVAULTpassword
+      password: SomeNEWpassword
       state: retrieved
     register: result
-    failed_when: not result.failed or "Invalid credentials" not in result.msg
+    failed_when: result.data != 'Hello World.' or result.changed
 
-  - name: Change vault password, with wrong `old_password`.
+  - name: Retrieve data from symmetric vault, with old password.
     ipavault:
       ipaadmin_password: SomeADMINpassword
       name: symvault
       password: SomeVAULTpassword
-      new_password: SomeNEWpassword
+      state: retrieved
     register: result
     failed_when: not result.failed or "Invalid credentials" not in result.msg
 
-  - name: Retrieve data from symmetric vault, with new password.
+  - name: Change symmetric vault salt, changing password
     ipavault:
       ipaadmin_password: SomeADMINpassword
       name: symvault
       password: SomeNEWpassword
-      state: retrieved
+      new_password: SomeVAULTpassword
+      salt: AAAAAAAAAAAAAAAAAAAAAAA=
     register: result
-    failed_when: result.vault.data != 'Hello World.' or result.changed
+    failed_when: not result.changed
 
-  - name: Try to add vault with multiple passwords.
+  - name: Change symmetric vault salt, without changing password
     ipavault:
       ipaadmin_password: SomeADMINpassword
-      name: inexistentvault
+      name: symvault
       password: SomeVAULTpassword
-      password_file: "{{ ansible_env.HOME }}/password.txt"
+      new_password: SomeVAULTpassword
+      salt: MTIzNDU2Nzg5MDEyMzQ1Ngo=
     register: result
-    failed_when: not result.failed or "parameters are mutually exclusive" not in result.msg
+    failed_when: not result.changed
 
-  - name: Try to add vault with multiple new passwords.
     ipavault:
       ipaadmin_password: SomeADMINpassword
       name: inexistentvault