I am using the ipapermission module to create an additional permission but when the ipapermission is created and a rerun the playbook in check mode it gives an changed status and when running in normal mode it gives an error trying to update the permission:
TASK [configure-ipa : Create permission to read RADIUS profile attributes] *****
fatal: [REDACTED]: FAILED! => {"changed": false, "msg": "permission_mod: Read Radius Profile: no modifications to be performed"}
After some debugging i figured out that the comparision of the value of the subtree is failing as the return value from ipapython is an DN object and the module uses an string:
[debug] Ansible arguments and IPA commands differed. Different set content: {'cn=groups,cn=accounts,dc=ipa,dc=REDACTED'} {ipapython.dn.DN('cn=groups,cn=accounts,dc=ipa,dc=REDACTED')}
I am using the ipapermission module to create an additional permission but when the ipapermission is created and a rerun the playbook in check mode it gives an changed status and when running in normal mode it gives an error trying to update the permission:
The task executed is
After some debugging i figured out that the comparision of the value of the subtree is failing as the return value from ipapython is an DN object and the module uses an string: