9

I have a LDAP server and a predefined shell (bash) set in it. But there are some machine on which I want a different shell to be used whenever user login to that instead of the shell stored in LDAP.

How can I do this?? Can someone give me some direction in this?

Thank you

Incredible
  • 141
  • 1
  • 1
  • 4

2 Answers2

11

In /etc/ldap.conf add the following line:

nss_override_attribute_value loginShell <different_shell>

Best of luck,
João Miguel Neves

jneves
  • 1,043
  • 6
  • 15
  • 1
    Just a note that for this to work for me, I had to restart nscd after the change (`/etc/init.d/nscd restart`) – Michael Mior Dec 21 '13 at 02:47
  • `/etc/ldap.conf` is [libnss](https://www.padl.com/OSS/nss_ldap.html)' configuration file. On debianish systems, it is `/etc/libnss-ldap.conf`. man nss_ldap on your system should give the exact name. I also had to run `nscd -i passwd` to flush nscd cache. – exore Sep 23 '19 at 02:42
3

Shared home directories? If not, put into the users ~/.bash_profile (or whatever is the proper file, check INVOCATION in man bash):

exec /bin/tcsh

Or whatever shell you wish to replace bash with.

If they login using ssh, then you could use keypairs and forced commands.

Please note, depending where you place the exec for another shell, commands like scp may not function properly if you do not check for an interactive shell, like in the /etc/skel/.bashrc on Ubuntu.

Your best bet is to kindly ask your LDAP admin to change the loginShell for your LDAP user.

Diftraku
  • 3
  • 2
ptman
  • 27,124
  • 2
  • 26
  • 45
  • Users will be login through ssh. Can you please elaborate a bit more on the use of keypairs and forced commands option. Can you please give me some pointers? Thank you. – Incredible Apr 21 '10 at 09:36
  • SSH keypairs: Information about forced commands can be found on the man pages sshd(8) and sshd_config(5) – ptman Apr 21 '10 at 12:32
  • I couldn't find an option that automatically does it for all users. It should be something related to ldap as well, because here sshd will read the default shell from ldap. And I want to override that. – Incredible Apr 24 '10 at 15:41