diff --git a/dnet_user_services_perms/tasks/dnet-additional-packages.yml b/dnet_user_services_perms/tasks/dnet-additional-packages.yml
index 980005e4..3f750df1 100644
--- a/dnet_user_services_perms/tasks/dnet-additional-packages.yml
+++ b/dnet_user_services_perms/tasks/dnet-additional-packages.yml
@@ -1,13 +1,13 @@
 ---
 - name: Install additional packages, if needed
   apt: pkg={{ item }} state=installed
-  with_items: dnet_additional_packages
+  with_items: '{{ dnet_additional_packages }}'
   when: dnet_additional_packages is defined
   tags: ['dnet', 'pkgs']
 
 - name: Install additional python modules, if needed
   pip: name={{ item }} state=present
-  with_items: dnet_additional_python_modules
+  with_items: '{{ dnet_additional_python_modules }}'
   when: dnet_additional_python_modules is defined
   tags: ['dnet', 'pkgs']
 
diff --git a/dnet_user_services_perms/tasks/dnet-data-dirs.yml b/dnet_user_services_perms/tasks/dnet-data-dirs.yml
index b896164a..18bfcafc 100644
--- a/dnet_user_services_perms/tasks/dnet-data-dirs.yml
+++ b/dnet_user_services_perms/tasks/dnet-data-dirs.yml
@@ -1,30 +1,30 @@
 ---
 - name: Create the dnet data dirs
   file: name={{ item }} state=directory owner={{ dnet_user }} group={{ dnet_group }} mode=0750
-  with_items: dnet_data_directories
+  with_items: '{{ dnet_data_directories }}'
   tags: [ 'tomcat', 'dnet', 'users' ]
 
 - name: Create the dnet log dirs
   file: name={{ item }} state=directory owner={{ tomcat_user }} group={{ dnet_group }} mode=0750
-  with_items: dnet_log_directories
+  with_items: '{{ dnet_log_directories }}'
   tags: [ 'tomcat', 'dnet', 'users' ]
 
 - name: Set the read/write permissions on the dnet data dirs
   acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rwx state=present
-  with_items: dnet_data_directories
+  with_items: '{{ dnet_data_directories }}'
   tags: [ 'tomcat', 'dnet', 'users' ]
 
 - name: Set the default read/write permissions on the dnet data dirs
   acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rwx state=present default=yes
-  with_items: dnet_data_directories
+  with_items: '{{ dnet_data_directories }}'
   tags: [ 'tomcat', 'dnet', 'users' ]
 
 - name: Set the read permissions on the dnet log dirs
   acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rx state=present
-  with_items: dnet_log_directories
+  with_items: '{{ dnet_log_directories }}'
   tags: [ 'tomcat', 'dnet', 'users' ]
 
 - name: Set the default read permissions on the dnet log dirs
   acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rx state=present default=yes
-  with_items: dnet_log_directories
+  with_items: '{{ dnet_log_directories }}'
   tags: [ 'tomcat', 'dnet', 'users' ]
diff --git a/dnet_user_services_perms/tasks/dnet-other-services-users.yml b/dnet_user_services_perms/tasks/dnet-other-services-users.yml
index e5e299c3..82ca5af2 100644
--- a/dnet_user_services_perms/tasks/dnet-other-services-users.yml
+++ b/dnet_user_services_perms/tasks/dnet-other-services-users.yml
@@ -2,7 +2,7 @@
 # Ignore errors because it fails if the user is already present and used to run a service.
 - name: Create users needed to operate services other than the dnet ones
   user: name={{ item.user }} comment="{{ item.user }}" home={{ item.home }} createhome={{ item.createhome }} shell={{ item.shell }}
-  with_items: dnet_other_services_users
+  with_items: '{{ dnet_other_services_users }}'
   when: dnet_other_services_users is defined
   ignore_errors: True
   tags: [ 'users', 'dnet' ]
diff --git a/dnet_user_services_perms/tasks/dnet-tomcat-acls.yml b/dnet_user_services_perms/tasks/dnet-tomcat-acls.yml
index 5b91a617..2a3db7a9 100644
--- a/dnet_user_services_perms/tasks/dnet-tomcat-acls.yml
+++ b/dnet_user_services_perms/tasks/dnet-tomcat-acls.yml
@@ -5,31 +5,31 @@
 # Note: the default is a default only. We need two commands to add acl effectively on the root dir and set the default
 - name: Set the read/write permissions on the tomcat webapps and common/classes directories. single tomcat instance
   acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rwx state=present
-  when: tomcat_m_instances is not defined
   with_items:
     - [ '{{ tomcat_webapps_dir }}', '{{ tomcat_common_classes_dir }}', '{{ tomcat_common_dir }}' ]
+  when: tomcat_m_instances is not defined 
   tags: [ 'tomcat', 'dnet', 'users' ]
 
 - name: Set the default read/write permissions on the tomcat webapps and common/classes directories. single tomcat instance
   acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rwx state=present default=yes
-  when: tomcat_m_instances is not defined
   with_items:
     - [ '{{ tomcat_webapps_dir }}', '{{ tomcat_common_classes_dir }}', '{{ tomcat_common_dir }}' ]
+  when: tomcat_m_instances is not defined 
   tags: [ 'tomcat', 'dnet', 'users' ]
 
 # Note: the default is a default only. We need two commands to add acl effectively on the root dir and set the default
 - name: Set the read permissions on the tomcat log directory. single tomcat instance
   acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rx state=present
-  when: tomcat_m_instances is not defined
   with_items:
     - [ '{{ tomcat_logdir }}' ]
+  when: tomcat_m_instances is not defined 
   tags: [ 'tomcat', 'dnet', 'users' ]
 
 - name: Set the default read permissions on the tomcat log directory. single tomcat instance
   acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rx state=present default=yes
-  when: tomcat_m_instances is not defined
   with_items:
     - [ '{{ tomcat_logdir }}' ]
+  when: tomcat_m_instances is not defined 
   tags: [ 'tomcat', 'dnet', 'users' ]
 
 #
@@ -38,30 +38,30 @@
 # Note: the default is a default only. We need two commands to add acl effectively on the root dir and set the default
 - name: Set the read/write permissions on the tomcat webapps and common/classes directories. multiple tomcat instances
   acl: name={{ item.0.instance_path }}/{{ item.1 }} entity={{ dnet_group }} etype=group permissions=rwx state=present
-  when: tomcat_m_instances is defined
   with_nested:
     - '{{ tomcat_m_instances }}'
     - [ 'webapps', 'common', 'common/classes' ]
+  when: tomcat_m_instances is defined 
   tags: [ 'tomcat', 'dnet', 'users' ]
 
 - name: Set the default read/write permissions on the tomcat webapps and common/classes directories. multiple tomcat instances
   acl: name={{ item.0.instance_path }}/{{ item.1 }} entity={{ dnet_group }} etype=group permissions=rwx state=present default=yes
-  when: tomcat_m_instances is defined
   with_nested:
     - '{{ tomcat_m_instances }}'
     - [ 'webapps', 'common', 'common/classes' ]
+  when: tomcat_m_instances is defined 
   tags: [ 'tomcat', 'dnet', 'users' ]
 
 # Note: the default is a default only. We need two commands to add acl effectively on the root dir and set the default
 - name: Set the read permissions on the tomcat log directory. multiple tomcat instances
   acl: name={{ tomcat_m_instances_logdir_base }}/{{ item.http_port }} entity={{ dnet_group }} etype=group permissions=rx state=present
-  when: tomcat_m_instances is defined
-  with_items: tomcat_m_instances
+  with_items: '{{ tomcat_m_instances }}'
+  when: tomcat_m_instances is defined 
   tags: [ 'tomcat', 'dnet', 'users' ]
 
 - name: Set the default read permissions on the tomcat log directory. multiple tomcat instances
   acl: name={{ tomcat_m_instances_logdir_base }}/{{ item.http_port }} entity={{ dnet_group }} etype=group permissions=rx state=present default=yes
+  with_items: '{{ tomcat_m_instances }}'
   when: tomcat_m_instances is defined
-  with_items: tomcat_m_instances
   tags: [ 'tomcat', 'dnet', 'users' ]
 
diff --git a/dnet_user_services_perms/tasks/dnet-users-data-dirs.yml b/dnet_user_services_perms/tasks/dnet-users-data-dirs.yml
index 8a8ee507..227471e6 100644
--- a/dnet_user_services_perms/tasks/dnet-users-data-dirs.yml
+++ b/dnet_user_services_perms/tasks/dnet-users-data-dirs.yml
@@ -1,25 +1,25 @@
 ---
 - name: Create the users dnet data dirs
   file: name={{ item.name }} state=directory owner={{ item.owner }} group={{ item.group }} mode={{ item.perms }}
-  with_items: dnet_users_data_directories
+  with_items: '{{ dnet_users_data_directories }}'
   when: item.create and not item.file
   tags: [ 'dnet', 'users', 'dnet_u_acl' ]
 
 - name: Set the read/write/access permissions on the users dnet data dirs
   acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions=rwx state=present
-  with_items: dnet_users_data_directories
+  with_items: '{{ dnet_users_data_directories }}'
   when: not item.file
   tags: [ 'dnet', 'users', 'dnet_u_acl' ]
 
 - name: Set the default read/write/access permissions on the users dnet data dirs
   acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions=rwx state=present default=yes
-  with_items: dnet_users_data_directories
+  with_items: '{{ dnet_users_data_directories }}'
   when: not item.file
   tags: [ 'dnet', 'users', 'dnet_u_acl' ]
 
 - name: Set the read/write permissions on pre-existing files inside the users dnet data dirs
   acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions=rw state=present
-  with_items: dnet_users_data_directories
+  with_items: '{{ dnet_users_data_directories }}'
   when: item.file
   tags: [ 'dnet', 'users', 'dnet_u_acl' ]