Sudoers file allow sudo on specific file for active directory group

tubaguy50035 asked:

I have active directory sign in working on an Ubuntu 12.04 box. When the user signs in, I have a script that runs that needs sudo permission (since it modifies the samba config file). How would I specify this in my sudoers file?

The active directory user is a part of a group called domain users. I see domain users when I issue groups as the active directory user.

I’ve tried:

%domain+users ALL=NOPASSWD: /etc/userScripts/createSambaShare.php

This still asks me for a password and then tells me that the user is not in the sudoers file.

Is there a log I can check to see what it’s doing when it asks the active directory user for their password?

My answer:


Why don’t you just set the UNIX group in /etc/sudoers and then make sure everybody is added to that group in AD?


View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.