diff --git a/plugins/modules/ipagroup.py b/plugins/modules/ipagroup.py
index 915bc4996eb68448606103e8cc2d5f240e5b60f1..903c256d33478878d6ce44bccbfcb8a9482d9053 100644
--- a/plugins/modules/ipagroup.py
+++ b/plugins/modules/ipagroup.py
@@ -507,16 +507,15 @@ def main():
             # All "already a member" and "not a member" failures in the
             # result are ignored. All others are reported.
             errors = []
-            if "failed" in result and len(result["failed"]) > 0:
-                for item in result["failed"]:
-                    failed_item = result["failed"][item]
-                    for member_type in failed_item:
-                        for member, failure in failed_item[member_type]:
-                            if "already a member" in failure \
-                               or "not a member" in failure:
-                                continue
-                            errors.append("%s: %s %s: %s" % (
-                                command, member_type, member, failure))
+            for failed_item in result.get("failed", []):
+                failed = result["failed"][failed_item]
+                for member_type in failed:
+                    for member, failure in failed[member_type]:
+                        if "already a member" in failure \
+                           or "not a member" in failure:
+                            continue
+                        errors.append("%s: %s %s: %s" % (
+                            command, member_type, member, failure))
             if len(errors) > 0:
                 ansible_module.fail_json(msg=", ".join(errors))
 
diff --git a/plugins/modules/ipahostgroup.py b/plugins/modules/ipahostgroup.py
index 4c18e940e61d481a2ac990f739178a19eaddc0c1..5f615160cb429ed1a52276f505eee13e27a19f60 100644
--- a/plugins/modules/ipahostgroup.py
+++ b/plugins/modules/ipahostgroup.py
@@ -423,14 +423,15 @@ def main():
             # All "already a member" and "not a member" failures in the
             # result are ignored. All others are reported.
             errors = []
-            if "failed" in result and "member" in result["failed"]:
-                failed = result["failed"]["member"]
+            for failed_item in result.get("failed", []):
+                failed = result["failed"][failed_item]
                 for member_type in failed:
                     for member, failure in failed[member_type]:
-                        if "already a member" not in failure \
-                           and "not a member" not in failure:
-                            errors.append("%s: %s %s: %s" % (
-                                command, member_type, member, failure))
+                        if "already a member" in failure \
+                           or "not a member" in failure:
+                            continue
+                        errors.append("%s: %s %s: %s" % (
+                            command, member_type, member, failure))
             if len(errors) > 0:
                 ansible_module.fail_json(msg=", ".join(errors))
 
diff --git a/tests/group/test_group_membermanager.yml b/tests/group/test_group_membermanager.yml
index 1d38654f6a9e800185d013e33ae00354e96b31dd..661f26d64f48f517d253af133119ea7924ef4509 100644
--- a/tests/group/test_group_membermanager.yml
+++ b/tests/group/test_group_membermanager.yml
@@ -8,7 +8,7 @@
   - name: Ensure user manangeruser1 and manageruser2 is absent
     ipauser:
       ipaadmin_password: SomeADMINpassword
-      name: manageruser1,manageruser2
+      name: manageruser1,manageruser2,unknown_user
       state: absent
 
   - name: Ensure group testgroup, managergroup1 and managergroup2 are absent
@@ -185,6 +185,15 @@
     register: result
     failed_when: not result.changed
 
+  - name: Ensure unknown membermanager_user member failure
+    ipagroup:
+      ipaadmin_password: SomeADMINpassword
+      name: testgroup
+      membermanager_user: unknown_user
+      action: member
+    register: result
+    failed_when: result.changed or "no such entry" not in result.msg
+
   - name: Ensure group testgroup, managergroup1 and managergroup2 are absent
     ipagroup:
       ipaadmin_password: SomeADMINpassword
diff --git a/tests/hostgroup/test_hostgroup_membermanager.yml b/tests/hostgroup/test_hostgroup_membermanager.yml
index c32d1088ebf69367a24ce5a53bc4e164eabc1cee..c0f65460e634aea22632d728c8f7b577e6ec3ae8 100644
--- a/tests/hostgroup/test_hostgroup_membermanager.yml
+++ b/tests/hostgroup/test_hostgroup_membermanager.yml
@@ -15,7 +15,7 @@
   - name: Ensure user manangeruser1 and manageruser2 is absent
     ipauser:
       ipaadmin_password: SomeADMINpassword
-      name: manageruser1,manageruser2
+      name: manageruser1,manageruser2,unknown_user
       state: absent
 
   - name: Ensure group managergroup1 and managergroup2 are absent
@@ -200,6 +200,15 @@
     register: result
     failed_when: not result.changed
 
+  - name: Ensure unknown membermanager_user member failure
+    ipahostgroup:
+      ipaadmin_password: SomeADMINpassword
+      name: testhostgroup
+      membermanager_user: unknown_user
+      action: member
+    register: result
+    failed_when: result.changed or "no such entry" not in result.msg
+
   - name: Ensure host-group testhostgroup is absent
     ipahostgroup:
       ipaadmin_password: SomeADMINpassword