Sudo (su “do”) allows a system administrator to delegate authority to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while providing an audit trail of the commands and their arguments. We will assume that you have a domain security group named ‘TCP’.
This will give your Active Directory admin group sudo access to the server:

aptitude install sudo
visudo

scroll to the bottom and add this line:

%(domain)\\tcp ALL =(ALL) ALL

This gives the tcp group a lot of access on the server and may be a little too dangerous. You have been warned.

<–Previous Next–>
Menu

This page is part of a series named “Using Debian in an Active Directory environment”. It is meant to be followed in that context.