To execute privileged commands users must type dzdo and the command name. If you want, you can map sudo to dzdo, which allows your users, who are accustomed to using sudo to execute their privileged commands, to continue to type sudo commandName. If the user has a role assignment that allow him to execute the command in an unrestricted shell, the command is executed using dzdo commandName. To map sudo to dzdo on computers in your organization, you can enable the “Replace sudo by dzdo” group policy for a site, domain, or organizational unit.
For more information about working with group policies, see the Group Policy Guide.