Sudoers file allow sudo on specific file for active directory group

tubaguy50035 asked:

I have active directory sign in working on an Ubuntu 12.04 box. When the user signs in, I have a script that runs that needs sudo permission (since it modifies the samba config file). How would I specify this in my sudoers file?

The active directory user is a part of a group called domain users. I see domain users when I issue groups as the active directory user.

I’ve tried:

%domain+users ALL=NOPASSWD: /etc/userScripts/createSambaShare.php

This still asks me for a password and then tells me that the user is not in the sudoers file.

Is there a log I can check to see what it’s doing when it asks the active directory user for their password?

My answer:

Why don’t you just set the UNIX group in /etc/sudoers and then make sure everybody is added to that group in AD?

View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.