diff --git a/roles/freeipa_client/tasks/main.yml b/roles/freeipa_client/tasks/main.yml
index 1c6c195f..55578aee 100644
--- a/roles/freeipa_client/tasks/main.yml
+++ b/roles/freeipa_client/tasks/main.yml
@@ -89,6 +89,10 @@
           {{ ansible_default_ipv4.address }} {{ inventory_hostname }} {{ inventory_hostname_short }}
       notify: restart host
 
+    - name: Check for existence of /etc/dhcp/dhclient.conf
+      ansible.builtin.stat: path=/etc/dhcp/dhclient.conf
+      register: dhclient_conf
+
     - name: Set /etc/dhcp/dhclient.conf for domain search and name servers
       ansible.builtin.lineinfile:
         path: /etc/dhcp/dhclient.conf
@@ -103,6 +107,7 @@
         entries:
           domain_search: supersede domain-search "{{ ipaserver_domain }}";
           domain_name_servers: supersede domain-name-servers {{ ipa_server_ips | sort | union(fallback_nameservers) | join(', ') }};
+      when: dhclient_conf.stat.exists
       notify: restart host
 
 - name: Flush handlers
diff --git a/roles/freeipa_server/defaults/main.yml b/roles/freeipa_server/defaults/main.yml
index 83da2a81..b7335cfd 100644
--- a/roles/freeipa_server/defaults/main.yml
+++ b/roles/freeipa_server/defaults/main.yml
@@ -25,3 +25,4 @@
 ipaserver_resolv_nameservers: [ '8.8.8.8' ]
 ipaserver_server_recursion: true
 enable_dns: false
+needs_python2: True
diff --git a/roles/freeipa_server/tasks/main.yml b/roles/freeipa_server/tasks/main.yml
index 516f0f48..8664b759 100644
--- a/roles/freeipa_server/tasks/main.yml
+++ b/roles/freeipa_server/tasks/main.yml
@@ -30,18 +30,21 @@
     name: nss
     state: latest
 
-- name: Install Python and supporting packages
+- name: Install Python2 when needed
   ansible.builtin.package:
     lock_timeout: 180
-    name: "{{ __pyver_item }}"
+    name: python2
     update_cache: yes
     state: present
-  loop:
-    - python3
-    - python2
-  loop_control:
-    loop_var: __pyver_item
-      
+  when: needs_python2
+  
+- name: Install Python3
+  ansible.builtin.package:
+    lock_timeout: 180
+    name: python3
+    update_cache: yes
+    state: present
+  
 - name: Disable SELinux
   ansible.posix.selinux:
     state: disabled
@@ -110,6 +113,10 @@
         backup: yes
       notify: restart host
 
+    - name: Check for existence of /etc/dhcp/dhclient.conf
+      ansible.builtin.stat: path=/etc/dhcp/dhclient.conf
+      register: dhclient_conf
+
     - name: Set /etc/dhcp/dhclient.conf for domain search and name servers
       ansible.builtin.lineinfile:
         path: /etc/dhcp/dhclient.conf
@@ -124,6 +131,7 @@
         entries:
           domain_search: supersede domain-search "{{ [[name_prefix, domain] | join('.'), domain] | join('", "') }}";
           domain_name_servers: supersede domain-name-servers 127.0.0.1, {{ ipaserver_resolv_nameservers | join(', ') }};
+      when: dhclient_conf.stat.exists
       notify: restart host
 
 - name: Flush handlers
diff --git a/roles/freeipa_server/vars/RedHat-7.yml b/roles/freeipa_server/vars/RedHat-7.yml
index b43a931d..92134244 100644
--- a/roles/freeipa_server/vars/RedHat-7.yml
+++ b/roles/freeipa_server/vars/RedHat-7.yml
@@ -15,3 +15,4 @@
 # limitations under the License.
 
 ipaserver_packages: [ "ipa-server", "libselinux-python" ]
+needs_python2: True
\ No newline at end of file
diff --git a/roles/freeipa_server/vars/RedHat-8.yml b/roles/freeipa_server/vars/RedHat-8.yml
index ce7f1fd0..b92464c5 100644
--- a/roles/freeipa_server/vars/RedHat-8.yml
+++ b/roles/freeipa_server/vars/RedHat-8.yml
@@ -15,3 +15,4 @@
 # limitations under the License.
 
 ipaserver_packages: [ "@idm:DL1/server" ]
+needs_python2: True
\ No newline at end of file
diff --git a/roles/freeipa_server/vars/RedHat-9.yml b/roles/freeipa_server/vars/RedHat-9.yml
new file mode 100644
index 00000000..d12e9742
--- /dev/null
+++ b/roles/freeipa_server/vars/RedHat-9.yml
@@ -0,0 +1,19 @@
+---
+
+# Copyright 2023 Cloudera, Inc. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ipaserver_packages: [ "ipa-server" ]
+ipaserver_packages_dns: [ "ipa-server-dns" ]
+needs_python2: False
\ No newline at end of file
diff --git a/roles/freeipa_server/vars/default.yml b/roles/freeipa_server/vars/default.yml
index 83b8448c..47961661 100644
--- a/roles/freeipa_server/vars/default.yml
+++ b/roles/freeipa_server/vars/default.yml
@@ -15,3 +15,4 @@
 # limitations under the License.
 
 ipaserver_packages: [ "ipa-server", "python3-libselinux" ]
+needs_python2: True