[AL2023] Supporting system authentication for AD

cookbooks/aws-parallelcluster-environment/resources/system_authentication/system_authentication_alinux2023.rb

@@ -17,25 +17,10 @@
 end
 
 use 'partial/_system_authentication_common'
-
-action :configure do
-  # oddjobd service is required for creating homedir
-  service "oddjobd" do
-    action %i(start enable)
-  end unless on_docker?
-
-  execute 'Configure Directory Service' do
-    user 'root'
-    # Tell NSS, PAM to use SSSD for system authentication and identity information
-    # authconfig is a compatibility tool, replaced by authselect
-    command "authselect select sssd with-mkhomedir"
-    sensitive true
-    default_env true
-  end
-end
+use 'partial/_system_authentication_alinux_centos'
 
 action_class do
   def required_packages
-    %w(sssd sssd-tools sssd-ldap authselect oddjob-mkhomedir)
+    %w(sssd sssd-tools sssd-ldap authconfig)
   end
 end

cookbooks/aws-parallelcluster-environment/test/controls/system_authentication_spec.rb

@@ -35,7 +35,7 @@
 
   services = %w(sssd)
 
-  if os_properties.redhat8?
+  if os_properties.redhat?
     services.append("oddjobd")
   end
 
@@ -55,8 +55,7 @@
   only_if { node['cluster']['node_type'] != 'ComputeFleet' || node['cluster']['directory_service']['disabled_on_compute_nodes'] != 'true' }
 
   describe 'Check NSS and PAM to use SSSD for system authentication and identity information'
-  if os_properties.redhat8?
-
+  if os_properties.redhat?
     describe bash("authselect current") do
       its('exit_status') { should eq 0 }
       its('stdout') { should match /Profile ID: sssd/ }

cookbooks/aws-parallelcluster-shared/test/libraries/os_properties.rb

@@ -17,6 +17,7 @@ def redhat_on_docker?
   end
 
   def redhat?
+    # RedHat also includes Amazon
     inspec.os.name == 'redhat'
   end