Salt is currently configured to login with an authentication method
tied to the "salt" policy, not to the "salt-primary" policy.
As such, there is a need to copy over that policy.
Also, when creating a token for another server, thr role used is
always "salt-node". Names like "salt-node-windriver" are policies,
not the role allowing such policies.