The need for the distinct Org1 and Org2 only cards is related to rights on the Fabric. The initial Runtime Install uses the distinct cards (and connection.json) and subsequent commands - Network Start and Commands from Alice and Bob use cards (and connection profiles) that access all peers regardless of organisation as they have rights to the Network.
For the tutorial (and the Dev Fabric) we have combined the Peer Install role and the Channel admin role into a single identity called PeerAdmin. Then you need an identity to handle the Fabric-ca server issuer role. You also need an identity bound to the initial business network participant. These roles have been combined into one for alice/bob.