diff --git a/roles/ipareplica/tasks/install.yml b/roles/ipareplica/tasks/install.yml
index 679021c81978364e2cd14fd34452affd0f023a68..72f45223114f625027b2a985b2682db084b66408 100644
--- a/roles/ipareplica/tasks/install.yml
+++ b/roles/ipareplica/tasks/install.yml
@@ -96,7 +96,8 @@
--permanent
--add-service=freeipa-ldap
--add-service=freeipa-ldaps
- --add-service=freeipa-replication
+ {{ "--add-service=freeipa-trust" if ipaserver_setup_adtrust | bool
+ else "" }}
{{ "--add-service=dns" if ipareplica_setup_dns | bool else "" }}
{{ "--add-service=ntp" if not ipaclient_no_ntp | bool else "" }}
when: ipareplica_setup_firewalld | bool
@@ -106,7 +107,8 @@
firewall-cmd
--add-service=freeipa-ldap
--add-service=freeipa-ldaps
- --add-service=freeipa-replication
+ {{ "--add-service=freeipa-trust" if ipaserver_setup_adtrust | bool
+ else "" }}
{{ "--add-service=dns" if ipareplica_setup_dns | bool else "" }}
{{ "--add-service=ntp" if not ipaclient_no_ntp | bool else "" }}
when: ipareplica_setup_firewalld | bool
diff --git a/roles/ipaserver/tasks/install.yml b/roles/ipaserver/tasks/install.yml
index 14c1730d3d13215570402c9f3710be693dc3e08c..cfb88ead69ba72def510c06c4fabdea5b1d7b5f1 100644
--- a/roles/ipaserver/tasks/install.yml
+++ b/roles/ipaserver/tasks/install.yml
@@ -391,6 +391,8 @@
--permanent
--add-service=freeipa-ldap
--add-service=freeipa-ldaps
+ {{ "--add-service=freeipa-trust" if ipaserver_setup_adtrust | bool
+ else "" }}
{{ "--add-service=dns" if ipaserver_setup_dns | bool else "" }}
{{ "--add-service=ntp" if not ipaclient_no_ntp | bool else "" }}
when: ipaserver_setup_firewalld | bool
@@ -400,6 +402,8 @@
firewall-cmd
--add-service=freeipa-ldap
--add-service=freeipa-ldaps
+ {{ "--add-service=freeipa-trust" if ipaserver_setup_adtrust | bool
+ else "" }}
{{ "--add-service=dns" if ipaserver_setup_dns | bool else "" }}
{{ "--add-service=ntp" if not ipaclient_no_ntp | bool else "" }}
when: ipaserver_setup_firewalld | bool