.`ansible-freeipa` rebased to 1.14.5
The `ansible-freeipa` package has been rebased from version 1.13.2 to version 1.14.5. Notable enhancements and bug fixes include:
* You can use `module_defaults` to define variables for multiple `ansible-freeipa` tasks
+
The `freeipa.ansible_freeipa` collection now provides the `module_defaults` action group that simplifies the use of `ansible-freeipa` modules. By using `module_defaults`, you can set default values to be applied to all modules of the collection used in a playbook. To do so, use the `action_group` named `freeipa.ansible_freeipa.modules`. For example:
+
----
- name: Test
hosts: localhost
module_defaults:
group/freeipa.ansible_freeipa.modules:
ipaadmin_password: Secret123
tasks:
…
----
+
As a result, the playbook is more concise.
* Multiple IdM `sudo` rules can now be managed in a single Ansible task
+
This enhancement adds the `sudorules` option to `ansible-freeipa`. By using `sudorules`, you can add, modify, and delete multiple Identity Management (IdM) `sudo` rules by using a single Ansible task. To do this, use the `sudorules` option of the `ipasudorule` module. As a result, you can define your `sudo` rules more easily, and execute them more efficiently.
+
Using the `sudorules` option, you can specify multiple `sudo` rule parameters that apply to a particular `sudo` rule. This `sudo` rule is defined by the `name` variable, which is the only mandatory variable for the `sudorules` option.
* Removing external members by using the `ipagroup` module now works correctly
+
Previously, attempting to ensure the absence of an external member from an IdM group by using the `ansible-freeipa` `ipagroup` module with the `externalmember` parameter did not remove the members from the group, even though Ansible presented the result of the task as `changed`. With this fix, using the `ipagroup` module with `externalmember` correctly ensures the absence of an external member from an IdM group. The fix also allows the use of either DOM\name or
name@domain to identify AD users.