diff --git a/roles/ipareplica/library/ipareplica_prepare.py b/roles/ipareplica/library/ipareplica_prepare.py
index d3c719995221ab39c6f5b392239eb6c819e6cb45..bfda57f273096fa6659ad235dbf3c414350e055c 100644
--- a/roles/ipareplica/library/ipareplica_prepare.py
+++ b/roles/ipareplica/library/ipareplica_prepare.py
@@ -256,75 +256,6 @@ def main(): ## check selinux status, http and DS ports, NTP conflicting services #common_check(options.no_ntp) - ansible_log.debug("-- ENROLLED? --") - - client_fstore = sysrestore.FileStore(paths.IPA_CLIENT_SYSRESTORE) - if not client_fstore.has_files(): - try: - with redirect_stdout(ansible_log): - # do not use ensure_enrolled, it uses redirect_output - # ensure_enrolled(installer) - - args = [paths.IPA_CLIENT_INSTALL, "--unattended"] - if NUM_VERSION < 40690: - args.append("--no-ntp") - stdin = None - nolog = [] - - if installer.domain_name: - args.extend(["--domain", installer.domain_name]) - if installer.server: - args.extend(["--server", installer.server]) - if installer.realm_name: - args.extend(["--realm", installer.realm_name]) - if installer.host_name: - args.extend(["--hostname", installer.host_name]) - - if installer.password: - args.extend(["--password", installer.password]) - nolog.append(installer.password) - else: - if installer.admin_password: - # Always set principal if password was set explicitly, - # the password itself gets passed directly via stdin - args.extend(["--principal", installer.principal or "admin"]) - stdin = installer.admin_password - if installer.keytab: - args.extend(["--keytab", installer.keytab]) - - if installer.no_dns_sshfp: - args.append("--no-dns-sshfp") - if installer.ssh_trust_dns: - args.append("--ssh-trust-dns") - if installer.no_ssh: - args.append("--no-ssh") - if installer.no_sshd: - args.append("--no-sshd") - if installer.mkhomedir: - args.append("--mkhomedir") - if installer.force_join: - args.append("--force-join") - - ansible_log.debug(" ".join(args)) - try: - # Call client install script - service.print_msg("Configuring client side components") - installer._enrollment_performed = True - ipautil.run(args, stdin=stdin, nolog=nolog) #, redirect_output=True) - #print() - except ipautil.CalledProcessError: - raise ScriptError("Configuration of client side components failed!") - - except 
ScriptError as msg: - ansible_module.fail_json(msg=str(msg)) - else: - if (options.domain_name or options.server or options.realm_name or - options.host_name or options.password or options.keytab): - ansible_module.log( - "IPA client is already configured on this system, ignoring " - "the --domain, --server, --realm, --hostname, --password " - "and --keytab options.") - sstore = sysrestore.StateFile(paths.SYSRESTORE) fstore = sysrestore.FileStore(paths.SYSRESTORE) diff --git a/roles/ipareplica/tasks/install.yml b/roles/ipareplica/tasks/install.yml index 4dab15e381ff7b246495b717a44c8235dc613a3f..30653d96699b527a924f15d68b0fd53837e3c071 100644 --- a/roles/ipareplica/tasks/install.yml +++ b/roles/ipareplica/tasks/install.yml 
@@ -64,38 +64,25 @@ - block: - #- name: Install - Setup client - # include_role: - # name: ipaclient - # vars: - # state: present - # ipaclient_domain: "{{ result_ipareplica_test.domain }}" - # ipaclient_realm: "{{ result_ipareplica_test.realm }}" - # ipaclient_server: "{{ result_ipareplica_test.server }}" - # ipaclient_hostname: "{{ result_ipareplica_test.hostname }}" - # #ipaclient_no_dns_sshfp: "{{ ipaclient_no_dns_sshfp }}" - # #ipaclient_ssh_trust_dns: "{{ ipaclient_ssh_trust_dns }}" - # #ipaclient_no_ssh: "{{ ipaclient_no_ssh }}" - # #ipaclient_no_sshd: "{{ ipaclient_no_sshd }}" - # #ipaclient_mkhomedir: "{{ ipaclient_mkhomedir }}" - - #- name: Install - Setup client - # command: > - # /usr/sbin/ipa-client-install - # --unattended - # --no-ntp - # --domain "{{ result_ipareplica_test.domain }}" - # --realm "{{ result_ipareplica_test.realm }}" - # --server "{{ result_ipareplica_test.server }}" - # --hostname "{{ result_ipareplica_test.hostname }}" - # {{ "--principal" if ipaadmin_password is defined else "" }} {{ ipaadmin_principal if ipaadmin_password is defined else "" }} - # {{ "--password" if ipaadmin_password is defined else "" }} {{ ipaadmin_password if ipaadmin_password is defined else "" }} - # {{ "--mkhomedir" if ipaclient_mkhomedir | bool else "" }} - # # {{ "--no-dns-sshfp" if ipaclient_no_dns_sshfp | bool else "" }} - # # {{ "--ssh-trust-dns" if ipaclient_ssh_trust_dns | bool else "" }} - # # {{ "--no-ssh" if ipaclient_no_ssh | bool else "" }} - # # {{ "--no-sshd" if ipaclient_no_sshd | bool else "" }} - # when: not result_ipareplica_test.client_enrolled + - name: Install - Setup client + include_role: + name: ipaclient + vars: + state: present + ipaclient_domain: "{{ result_ipareplica_test.domain }}" + ipaclient_realm: "{{ result_ipareplica_test.realm }}" + ipaclient_servers: ["{{ result_ipareplica_test.server }}"] + ipaclient_hostname: "{{ result_ipareplica_test.hostname }}" + #ipaclient_keytab: "{{ ipaclient_keytab }}" + #ipaclient_mkhomedir: "{{ 
ipaclient_mkhomedir }}" + #ipaclient_force_join: "{{ ipaclient_force_join }}" + ##ipaclient_no_ntp: "{{ ipaclient_no_ntp }}" + ipaclient_no_ntp: "{{ result_ipareplica_test.ipa_python_version < 40690 }}" + #ipaclient_ssh_trust_dns: "{{ ipaclient_ssh_trust_dns }}" + ##ipaclient_no_ssh: "{{ ipaclient_no_ssh }}" + ##ipaclient_no_sshd: "{{ ipaclient_no_sshd }}" + ##ipaclient_no_dns_sshfp: "{{ ipaclient_no_dns_sshfp }}" + when: not result_ipareplica_test.client_enrolled - name: Install - Configure firewalld command: >
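Review bot: The `include_role` for `ipaclient` in "Install - Setup client" forwards only domain, realm, servers, hostname and `ipaclient_no_ntp`; no credential is passed and `ipaclient_keytab`, `ipaclient_mkhomedir`, `ipaclient_force_join` and the ssh options stay commented out, so enrollment works only if the role finds `ipaadmin_password`/`ipaadmin_principal` or a keytab in play scope. The Python path removed from ipareplica_prepare.py took these values from the module's own options, so a playbook that supplied them only there would presumably now reach the client install without a credential and fail inside the unattended run. I would state the dependency above the task, e.g. `# credentials (ipaadmin_password, one-time password or keytab) and the commented ipaclient_* options are inherited from play scope, not forwarded here`, and add a preceding check that fails early when none of them is defined and `result_ipareplica_test.client_enrolled` is false. The enclosing `block:` continues outside the hunk.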