diff --git a/plugins/modules/ipanetgroup.py b/plugins/modules/ipanetgroup.py
index e07893236a23c36a92fb93b8cde5b0d21e2b812e..5b3f61e21a1d0365e16f27497a2eb4ebce492aff 100644
--- a/plugins/modules/ipanetgroup.py
+++ b/plugins/modules/ipanetgroup.py
@@ -93,10 +93,12 @@ options:
   action:
     description: Work on netgroup or member level
     required: false
+    type: str
     default: netgroup
     choices: ["member", "netgroup"]
   state:
     description: The state to ensure.
+    type: str
     choices: ["present", "absent"]
     default: present
 author:
diff --git a/plugins/modules/ipapwpolicy.py b/plugins/modules/ipapwpolicy.py
index ea794fc911d6fe1751b20e1bc5e7fa0715b7a8eb..3a3eeedda1fd01d4837255ed70c43e39d1db8378 100644
--- a/plugins/modules/ipapwpolicy.py
+++ b/plugins/modules/ipapwpolicy.py
@@ -275,7 +275,7 @@ def main():
                              default=None),
             dictcheck=dict(type="str", aliases=["ipapwdictcheck"],
                            default=None),
-            usercheck=dict(type="str", aliases=["ipapwusercheck"],
+            usercheck=dict(type="str", aliases=["ipapwdusercheck"],
                            default=None),
             gracelimit=dict(type="str", aliases=["passwordgracelimit"],
                             default=None),
diff --git a/roles/ipaclient/library/ipaclient_configure_dns_resolver.py b/roles/ipaclient/library/ipaclient_configure_dns_resolver.py
index 0c10376b44ce17212b34defa9fc56b28a37956c7..ca8caf5c15d7bee53f618fd25d94483101107e46 100644
--- a/roles/ipaclient/library/ipaclient_configure_dns_resolver.py
+++ b/roles/ipaclient/library/ipaclient_configure_dns_resolver.py
@@ -266,10 +266,8 @@ def unconfigure_dns_resolver(fstore=None):
 def main():
     module = AnsibleModule(
         argument_spec=dict(
-            nameservers=dict(type="list", elements="str", aliases=["cn"],
-                             required=False),
-            searchdomains=dict(type="list", elements="str", aliases=["cn"],
-                               required=False),
+            nameservers=dict(type="list", elements="str", required=False),
+            searchdomains=dict(type="list", elements="str", required=False),
             state=dict(type="str", default="present",
                        choices=["present", "absent"]),
         ),
diff --git a/roles/ipareplica/tasks/install.yml b/roles/ipareplica/tasks/install.yml
index 2b3fca316d34ec339c0a4c19665552460f3317e0..b718ed0c0806f82e870cff36f132b3ef632c7a58 100644
--- a/roles/ipareplica/tasks/install.yml
+++ b/roles/ipareplica/tasks/install.yml
@@ -759,13 +759,12 @@
         "{{ result_ipareplica_prepare.config_master_host_name }}"
     register: result_ipareplica_enable_ipa
 
+  always:
   - name: Install - Cleanup root IPA cache
     ansible.builtin.file:
       path: "/root/.ipa_cache"
       state: absent
-    when: result_ipareplica_enable_ipa.changed
 
-  always:
   - name: Cleanup temporary files
     ansible.builtin.file:
       path: "{{ item }}"
diff --git a/roles/ipaserver/tasks/install.yml b/roles/ipaserver/tasks/install.yml
index f4906dc9d67b74380d0674c618051e3f1e6b730e..50b4876f729dc6f430982939f30aca3140aca7fb 100644
--- a/roles/ipaserver/tasks/install.yml
+++ b/roles/ipaserver/tasks/install.yml
@@ -446,12 +446,6 @@
         setup_ca: "{{ result_ipaserver_test.setup_ca }}"
       register: result_ipaserver_enable_ipa
 
-    - name: Install - Cleanup root IPA cache
-      ansible.builtin.file:
-        path: "/root/.ipa_cache"
-        state: absent
-      when: result_ipaserver_enable_ipa.changed
-
     - name: Install - Configure firewalld
       ansible.builtin.command: >
         firewall-cmd
@@ -480,6 +474,11 @@
       when: ipaserver_setup_firewalld | bool
 
   always:
+  - name: Install - Cleanup root IPA cache
+    ansible.builtin.file:
+      path: "/root/.ipa_cache"
+      state: absent
+
   - name: Cleanup temporary files
     ansible.builtin.file:
       path: "{{ item }}"
diff --git a/tests/config/test_config_sid.yml b/tests/config/test_config_sid.yml
index cd3ce4fbbf901211fecc05e41cc9ec328633c0ae..fdae1fba79e2cbf9d7050ac5f8b9625846f7e54d 100644
--- a/tests/config/test_config_sid.yml
+++ b/tests/config/test_config_sid.yml
@@ -30,7 +30,7 @@
       check_mode: yes
       register: sid_disabled
 
-    - name: Ensure netbios_name can't be changed without SID enabled.
+    - name: Ensure netbios_name can't be changed without SID enabled.  # noqa 503
       ipaconfig:
         ipaadmin_password: SomeADMINpassword
         ipaapi_context: "{{ ipa_context | default(omit) }}"
@@ -39,7 +39,7 @@
       failed_when: not result.failed and "SID generation must be enabled" in result.msg
       when: sid_disabled.changed
 
-    - name: Ensure SIDs can't be changed without SID enabled.
+    - name: Ensure SIDs can't be changed without SID enabled.  # noqa 503
       ipaconfig:
         ipaadmin_password: SomeADMINpassword
         ipaapi_context: "{{ ipa_context | default(omit) }}"