Once configured my VM with Ubuntu 18.04 and joined to an AD domain, when trying to do sudo operation with my domain user, the error message is always:
"domainuser is not in the sudoers file. this incident will be reported."
I have an AD group with a domain user that can do sudo operations, and
I have also configured the group in visudo and in sssd.conf.
The VM is querying the domain successfully, and I can view it with 'kinit' or 'id' operation with my domain user.
This may be counter-intuitive, but may help:
If you've been using, say, usermod -aG sudo,adm DOMAIN\\user or the same with user@DOMAIN, it doesn't seem to add them properly to sudoers.
Though there shouldn't be a local user with the same name, enter the name as if there were, like so:
usermod -aG sudo,adm user
Example: for domain ACME and user admin, in a usermod command, leave out the ACME\\ or @ACME part entirely.
Literally just figured out this worked in the last few days.