SSSD storing wrong shell in cache

You can use default in nss section.

[nss]
default_shell = /bin/bash

And override using override_shell = <your shell>

override_shell (string)
    Override the login shell for all users. This option can be specified globally in the [nss] section or per-domain.

Edit1: for group specific changes

[sssd]
config_file_version = 2
services = nss, pam
domains=DOMAIN_GROUP1,DOMAIN_GROUP2,DOMAIN

[nss]
default_shell = /bin/bash

[domain/DOMAIN_GROUP1]
id_provider = ad
ad_domain = mydomain.local
ad_server = mydc01.domain.local,mydc02.domain.local,mydc03.domain.local
# Restrict to group members
ldap_user_search_base = DC=domain,DC=local?subtree?(memberOf=CN=group1,OU=Groups,DC=domain,DC=local)
# Shell
override_shell = /shell/path/for/group1
# Homedir
override_homedir = /home/%u

#same way for other groups
[domain/DOMAIN_GROUP2]
..........
..........
..........

Hope this will help.

SSSD storing wrong shell in cache

Tags:

Active Directory

Sssd

Related

Recent Posts