Removed unused user_input import from ipapython.ipautil. Added import
of DN from ipapython.dn. Set ntpinstance to None if timeconf or
sync_time could not be imported on older FreeIPA releases.

Use ipaserver_install_packages to enable or disable package installation
for the client deployment part with ipaclient role.

Use ipareplica_install_packages to enable or disable package installation
for the client deployment part with ipaclient role.

Replica config is not needed and there fore has been removed.

The dns settings in options have not been used and also not provided to
the module in the tasks file. Therefore these settings shoul dbe removed.

The dns settings in options have not been used and also not provided to
the module in the tasks file. Therefore these settings shoul dbe removed.

The dns settings in options have not been used and also not provided to
the module in the tasks file. Therefore these settings shoul dbe removed.

ipaserver_master_password and ipaserver_setup_ntp have been linked from
the ipaserver role before. With the move of the module_utils parts to the
specific role locations the use of ipaserver modules leads to the missing
dependency ansible_ipa_server, that is now only available in the server
role.

The ipaserver_master_password module has been replaced by the ipareplica
specific ipareplica_master_password module. The ipaserver_setup_ntp module
has been removed as the time related changes for replica are done in the
client install part.

Fixes: #59 (Module is missing interpreter line)

The installer logs have not been created using the ansible ipaclient,
ipareplica and ipaserver roles. This has been fixed and the installer
logs are created now.

This setting had the wrong and unsed prefix ipahost. THis has been fixed and
the proper prefix ipaclient is now used.

Krb5 configuration was also done if ipaclient_on_master was set. This
resulted in a reverted configuration while deploying the client part in
a server deploment.

The role test is executed in the ipa[server,replica,client] roles first.
These tests are usable in the Ansible test mode, but the folllowing steps
in the task list are not. Therefore the blocks following the tests are
limited to not being executed in test mode.

python_2_3_test needs to be executed also in test mode to make sure that the
follwing ipa[server,replica,client]_test modules could be executed also in
test mode.

The changed flag is not set to True any more to make sure that the try
to deploy an already deployed server again will not result in an error.

Up to now the try to deploy an already deployed replica resulted in an
error. Now this ends in an end play and no error is reported.

For consitency the result_ prefix has been added to the registered result
of the py3test.py script.

With the changes for IPA enablement in the replica installer it is not
possible anymore to enable the IPA server in the same way as in the
server deployment.

The new module ipareplica_enable_ipa has been added and the link for
ipaserver_enable_ipa has been removed.

The parameter config_setup_ca has been renamed to setup_ca and added to
options. master_host_name has been added to config. Also a call for
api.Backend.ldap2.connect has been added to make sure that the backend is
connected.

The promote argument has been dropped with the final removal of domain
level 0 support in version 4.7.1. The fstore argument has been added
with the 4.7.1 version also.

The promote argument has been dropped with the final removal of domain
level 0 support in version 4.7.1. The fstore argument has been added
with the 4.7.1 version also.

The promote argument has been dropped with the final removal of domain
level 0 support in version 4.7.1. The fstore argument has been added
with the 4.7.1 version also.

Double imports and also the import of create_replica_config from
ipaserver.install.installutils have been removed. create_replica_config
is not used because the use of domain level 0 is not supported.

ntp_server and ntp_pool are now provided to ipareplica_test. A conflict
test with no_ntp has been added from the normal installer.

Also added are references to options.password and options.dm_password, but
these are commented out and not used or provided to the module.

Proper ntp_servers and ntp_pool tests are needed still.

With FreeIPA 4.7.0 there is no support for domain level 0 anymore, the
check for the minimal domain level should use MIN_DOMAIN_LEVEL instead of
DOMAIN_LEVEL_1.

Since FreeIPA version 4.7.1 there is no install_check defined anymore in
ipaserver.install.server.replicainstall.

The use of ScriptError without an error message but with rval resulted in
very limited information in ansible. The error messages from logger.error
calls have have added to these ScriptError raises.

Removed addtional empty line in ipaclient_setup_sssd sectio

default(omit) is not needed for bool values, as these need to be set either
way.

The __getattr__ method in installer_obj was used for debugging to make
sure that all needed settings in the installer object have been set.

A remain from debugging in ipaclient_test has been removed.

Deploying a client with one-time password use was failing in latest tests
using ansible 2.7 and FreeIPA 4.7 because of an encoding problem.

If the client is already installed and the allow_repair and force_join
options are not set end the playbook processing. This is useful if an
inventory file contains existing and new machines.

The advantage of this is that the krb5 configuration is created in the same
way as in the normal installers. The same functionality as in the normal
installers is used in ipaclient_setup_krb5. There is no need to adapt the
ipa-krb5 role or the the ask file for changes in how the krb5 configuration
is done. Additionally ipaclient_force is now a supported parameter as
it is in the normal installer.

New config option:

ipaclient_force

The variable has been added to ipaclient/defaults/main.yml.

The advantage of this is that the ipa default configuration is created in
the same way as in the normal installers. The same functionality as in the
normal installers is used in ipaclient_ipa_conf.

The no_ prefix for the ssh and sshd settings has been added back. The
naming of the settings should be the same all over the ipcalient role.
The exception is sssd here as it has been deprected and is used from
ipaclient_test.

The name for the setting ssh_trust_dns has been fixed to the command line
option name and not the internl optinos name.

ipaclient_setup_sssd is now using configure_sssd_conf from
ipaclient/install/client.py instead. This simplified the module a lot
and also adds more configuratino options for sssd.

These are new config options supported by ipaclient_setup_sssd:

ipaclient_no_sudo
ipassd_fixed_primary
ipassd_permit
ipassd_enable_dns_updates
ipassd_no_krb5_offline_passwords
ipassd_preserve_sssd

These variables have been added to ipaclient/defaults/main.yml.

The ipaclient_test module was not doing all tests that should be done
with the provided settings. All tests from ipaclient installer parts
are now part of ipaclient_test. There are some minor changes though to
make sure that the repair mode could still be used.

ansible_ipa_client bindings have been updated to fullfill new needs.

The import line of ansible_ipa_client was not correct and used a test
version of the binding that is not possible anymore due to the move of
the module_utils directories into the specific role locations.

The new module ipaclient_setup_ntp to configure and sync time with the NTP
server has been added. The irregular setting ipaclient_ntp has been removed.

The ipaclient_setup_ntp module is using either the new sync_time call or
for compatibility with older FreeIPA versions synconce_ntp.

The reference for ipaclient_ntp in REPLICA.md has been removed also.

This also fixes #55.

ipaclient_extras could configure several things internally according to
provided settings. These have been ssh, sshd, automount, firefox an also
nis. The ssh and sshd configuration is now plocated in ipaclient_setup_ssh,
the automount configuration in ipaclient_setup_automount, the firefox
configuration in ipaclient_setup_firefox and the nis configuration in
ipaclient_setup_nis.

The following additional settings have been added to
roles/ipaclient/defaults/main.yml to provide the same configruation options
as ipa-client-install does:

ipaclient_no_ssh: no
ipaclient_no_sshd: no
ipaclient_no_nisdomain: no
ipaclient_configure_firefox: no