Sudoers file allow sudo on specific file for active directory group

I have Active Directory sign-in working on an Ubuntu 12.04 box. When the user signs in, I have a script that runs that needs sudo permission (since it modifies the Samba config file). How would I specify this in my sudoers file?

The Active Directory user is a part of a group called domain users. I see domain users when I issue groups as the Active Directory user.

I've tried:

    %domain+users ALL=NOPASSWD: /etc/userScripts/createSambaShare.php

This still asks me for a password and then tells me that the user is not in the sudoers file.

Is there a log I can check to see what it's doing when it asks the Active Directory user for their password?


It looks like you are using a plus sign in lieu of the space in Domain Users. I don't see any reason why that would work.

Instead, escape the space with a backslash:

    %Domain\ Users ALL=NOPASSWD: /etc/userScripts/createSambaShare.php

If that doesn't work, try using an alias:

    # sudoers alias names must be all uppercase (letters, digits, underscores)
    User_Alias DOMAINUSERS = %Domain\ Users
    DOMAINUSERS ALL=NOPASSWD: /etc/userScripts/createSambaShare.php

Also, keep in mind that pretty much everything in Linux is case-sensitive, including user and group names. Is the group really showing up as domain users, or is it showing up as Domain Users? It has to match.
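
The escaping and case-matching points from the answer above, as an added shell example that is not part of the original posts. The function names and the sample group list are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Added example: helper names are assumptions, not part of sudo or Samba.

# Print a user's exact group names, one per line. `id -Gn` is ambiguous when a
# name contains spaces, so resolve each numeric GID through NSS instead.
user_groups() {
    for gid in $(id -G "$1"); do
        getent group "$gid" | cut -d: -f1
    done
}

# Turn a group name into a sudoers %group token, escaping each space with a
# backslash as the answer recommends.
sudoers_group_token() {
    printf '%%%s\n' "$(printf '%s' "$1" | sed 's/ /\\ /g')"
}

# Compare the name you intend to put in sudoers with the names the system
# reports. Prints "exact", "case-mismatch: <actual name>" or "missing".
match_group() {
    wanted=$1
    list=$2
    if printf '%s\n' "$list" | grep -Fxq -- "$wanted"; then
        echo exact
    elif actual=$(printf '%s\n' "$list" | grep -Fxi -- "$wanted" | head -n 1) \
            && [ -n "$actual" ]; then
        echo "case-mismatch: $actual"
    else
        echo missing
    fi
}

# Build the NOPASSWD rule for one group and one command path.
sudoers_rule() {
    printf '%s ALL=NOPASSWD: %s\n' "$(sudoers_group_token "$1")" "$2"
}

# Constructed sample of what user_groups might print for an AD user.
SAMPLE_GROUPS='domain users
linuxadmins'
```

Write the generated rule to a scratch file and check it with `visudo -c -f <file>` before it goes anywhere sudo will read it.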


Why don't you just set the UNIX group in /etc/sudoers and then make sure everybody is added to that group in AD?