Yes this works, I've not done it myself but I just had a conversation with someone about this topic yesterday.
Let's say the domain group is called "VI Admins", I choose this example as it has a space which needs to be properly escaped in the /etc/sudoers file. You will also need to escape the first "slash" followed by the domain name as well.
Let's say the domain is "Primp-Industries" and the group is called "VI Admins"
The entry in sudoers file should be:
%Primp-Industries\\VI\ Admins ALL=(ALL) ALL
I had verified with the individual who I spoke to and he confirmed this worked in his environment.
VMware vExpert 2009,2010
VMware scripts and resources at: http://www.virtuallyghetto.com/
If you find this information useful, please award points for "correct" or "helpful".
your right. It works perfectly. I made an error with the domain if forgot the extra slash.
I've tried what you have said but am still struggling. I've added the following to the Sudoers files on a VMA that has been joined to the domain I'll call TEST. I've created an AD global group called VI Admins and added the account I'm logging in with to that group.
VI\ Admins ALL=(ALL) ALL
I've save the file and even after restarting the VMA I get a message that the account is not in the sudoers file.
Any help or guidance is greatly appreciated.
I'm going to take that back. After some further troubleshooting I seemed to have some domain authentication issues. I removed and rejoined the vMA to the domain and all was well.
Suppose there is no space in the group name?
So, in the example, it is just VI:
VI ALL=(ALL) ALL
That didn't work.
%Primp-Industries\VI ALL=(ALL) ALL
That didn't work.
%Primp-Industries\VI\ ALL=(ALL) ALL
That didn't work, gave me a syntax error.